Docker has removed nearly 3 million public repositories from Docker Hub after researchers found every one of them to be imageless, with no content other than an accompanying overview page that contained links to malicious content instead.
Researchers from JFrog spotted the threat in a recent investigation and identified the repositories as being used in three large-scale campaigns to distribute spam and malware. Docker has since instituted a new mechanism that blocks links to external resources in the description pages of imageless repositories.
More Moderation Needed?
“Unlike typical attacks targeting developers and organizations directly, the attackers in this case tried to leverage Docker Hub’s platform credibility, making it more difficult to identify the phishing and malware installation attempts,” JFrog said in an April 30 report. “Almost 3 million malicious repositories, some of them active for over three years, highlight the attackers’ continued misuse of the Docker Hub platform and the need for constant moderation on such platforms.”
JFrog found that some 4.6 million imageless repositories were published on Docker Hub over a five-year period. Of those, nearly all had associated metadata that was malicious in nature. JFrog researchers counted a total of 208,739 fake accounts that the attackers used to upload the malicious repositories.
According to JFrog, what enabled the threat actors is a Docker policy that allows users to include short text descriptions and metadata in HTML format along with any container images they publish to Docker Hub. The purpose of allowing these descriptions is to let users search for and find images on the cloud-based registry service that may be useful for their projects. The feature allowed threat actors to upload imageless repositories and, relatively easily, to include description pages with embedded links to spam, phishing, and malware sites.
The mass uploads occurred in two distinct waves: one in 2021 and the other in 2023. JFrog researchers were able to tie many of the 2021 repository uploads to a campaign to get users to download pirated content and cheats for video games. Most of the URLs in the campaign resolved to sites serving malicious file downloads. If a server hosting malicious files was shut down or became otherwise unavailable, the links resolved to a different active server. Another mass upload in 2021 involved a free e-book phishing campaign that appeared designed to steal credit card information.
The 2023 uploads to Docker Hub were a repeat of the 2021 campaign involving pirated content and video game cheats. But instead of the repositories pointing directly to malicious sources, JFrog found them pointing to legitimate resources that quickly redirected victims to a malicious source. One page on blogger.com, for instance, took all of 500 milliseconds to redirect visitors to the malicious payload.
JFrog also uncovered a third campaign in which a threat actor uploaded 1,000 repositories to Docker Hub daily for three years. While the content in the associated documentation appeared harmless, the motive was clearly malicious, JFrog said. The company surmised the threat actor might have been carrying out some sort of stress testing before launching a malicious campaign.
Taking Advantage of a Policy Loophole
Brian Moussalli, malware research team lead at JFrog, says the threat actors were able to carry out the attacks because no policy was in place that could have prevented it. “When we disclosed the attacks to Docker Hub, they implemented a security mechanism that blocks embedding links to external resources in the description pages of imageless repositories,” he says.
It's hard to tell how effective the malicious campaigns really were, Moussalli says. But it's likely the attackers used a legitimate site like Docker Hub to host pages containing links to malicious files so that users searching for pirated content, video game cheats, and free e-books wouldn't get suspicious. “Another option could be that they used Docker Hub for legitimacy but spread the links to those pages via direct messages to victims,” Moussalli says. “Unfortunately, we’re unable to determine how exactly victims were manipulated into clicking those links.”
Docker can make things harder for threat actors by restricting mass creation of accounts and imposing new rules on repository creation, he says. For instance, it could prohibit the creation of imageless repositories, or not allow new users to embed external links for some time after the account or the repository is created.
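The two controls discussed above (blocking external links in the description pages of imageless repositories, and withholding external links from newly created accounts for a grace period) can be expressed as a small registry-side moderation check. The following is an added example written for this article; it is not Docker's or JFrog's code, and the `Repository` record, the allow-listed hosts, the 14-day grace period and the sample descriptions (using the reserved `example.invalid` domain) are all constructed for illustration. It extracts every web link from a description, whether it appears as HTML markup or as a bare URL in text, and reports which of the two policies a repository violates.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts treated as part of the registry itself (hypothetical allow-list for this example).
INTERNAL_HOSTS = {"hub.docker.com", "docs.docker.com"}
# How long a new account must wait before it may embed external links (constructed value).
NEW_ACCOUNT_GRACE = timedelta(days=14)


@dataclass
class Repository:
    """Hypothetical repository metadata record; field names are assumptions, not a Docker Hub API."""
    name: str
    owner: str
    has_image: bool               # False for an imageless repository
    description_html: str         # the overview/description page content
    owner_created: datetime       # when the owning account was created
    description_updated: datetime # when the description was last written


class _LinkCollector(HTMLParser):
    """Collect href/src targets from any tag, so anchors, images and frames are all caught."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for key, value in attrs:
            if key in ("href", "src") and value:
                self.urls.append(value)


# Bare URLs in text also render as links in Markdown, so they count as well.
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def extract_external_links(html: str):
    """Return, sorted, every http(s) URL in the description whose host is not allow-listed."""
    collector = _LinkCollector()
    collector.feed(html)
    candidates = set(collector.urls) | set(URL_RE.findall(html))
    external = []
    for url in sorted(candidates):
        parsed = urlparse(url)
        if parsed.scheme not in ("http", "https"):
            continue  # relative links and non-web schemes are not external web links
        if (parsed.hostname or "") not in INTERNAL_HOSTS:
            external.append(url)
    return external


def moderation_findings(repo: Repository):
    """Return (policy, links) pairs for each policy the repository violates."""
    findings = []
    links = extract_external_links(repo.description_html)
    if not links:
        return findings
    # Policy 1: imageless repositories may not link out at all.
    if not repo.has_image:
        findings.append(("imageless-external-links", links))
    # Policy 2: accounts younger than the grace period may not link out either.
    if repo.description_updated - repo.owner_created < NEW_ACCOUNT_GRACE:
        findings.append(("new-account-external-links", links))
    return findings


def scan(repos):
    """Map repository name to its findings, omitting clean repositories."""
    results = {}
    for repo in repos:
        findings = moderation_findings(repo)
        if findings:
            results[repo.name] = findings
    return results


# Constructed sample records: one legitimate image, one imageless repo from a day-old
# account, and one imageless repo from an older account with a bare URL in plain text.
SAMPLE_REPOS = [
    Repository("libfoo-build", "acme", True,
               '<p>Build image for libfoo. Docs at <a href="https://docs.docker.com/">Docker docs</a>.</p>',
               datetime(2019, 3, 1), datetime(2023, 6, 1)),
    Repository("free-ebook-2023", "user84421", False,
               '<p>Download your free e-book here: <a href="http://example.invalid/download">click</a></p>',
               datetime(2023, 5, 10), datetime(2023, 5, 11)),
    Repository("game-cheats", "user91002", False,
               "Latest cheats: https://example.invalid/cheat.exe",
               datetime(2021, 1, 1), datetime(2021, 9, 1)),
]

if __name__ == "__main__":
    for name, findings in scan(SAMPLE_REPOS).items():
        for policy, links in findings:
            print(f"{name}: {policy}: {', '.join(links)}")
```

Running the script reports the two imageless repositories and additionally flags the day-old account, while the legitimate image linking only to an allow-listed host produces no finding. A real deployment would enforce the check at description-write time (rejecting or quarantining the update) rather than scanning after the fact, and would extend the allow-list and grace period to fit the registry's own abuse data.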