{"id":150,"date":"2024-09-05T17:26:38","date_gmt":"2024-09-05T17:26:38","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=150"},"modified":"2024-09-05T17:26:38","modified_gmt":"2024-09-05T17:26:38","slug":"github-actions-typosquatting-a-high-impact-supply-chain-attack-in-waiting","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=150","title":{"rendered":"GitHub Actions typosquatting: A high-impact supply chain attack-in-waiting"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Attackers have long tried to capitalize on typos by registering names in various systems \u2014 DNS, package repositories \u2014 close to those of popular resources. This technique, known as typosquatting<\/a>, also works for GitHub Actions, which can lead to developers executing malicious workflows inside their own repositories, researchers have shown.<\/p>\n

GitHub Actions is a CI\/CD (continuous integration and continuous delivery<\/a>) service that enables developers to automate software builds and tests by setting up workflows that trigger when specific events are detected, such as when new code is committed to the repository. The workflows, called Actions<\/a>, are instructions packed in an .yml file that execute inside virtual containers, usually on GitHub\u2019s infrastructure, and return compiled binaries, testing results, and so on.<\/p>\n

These workflows can be reused and shared with others on the GitHub Marketplace, which currently lists thousands of public Actions that developers can use instead of coding their own. Actions can also be included as dependencies inside other Actions, creating an ecosystem similar to other open-source component registries.<\/p>\n

Researchers from Orca Security recently investigated the impact typosquatting can have in the GitHub Actions ecosystem by registering 14 GitHub organizations with names that are misspellings of popular Actions owners \u2014 for example, circelci instead of circleci, actons instead of actions, google-github-actons instead of google-github-actions.<\/p>\n

\u201cIn a normal scenario where there is a typo when calling an action, the workflow will fail and the developer will notice there is an issue and fix it,\u201d the researchers wrote in their report<\/a>. \u201cHowever if a malicious action exists with the misspelled name being called, the workflow will function without any issues.\u201d<\/p>\n

For example, if a developer types \u201cuses: action\/checkout\u201d in their own workflow instead of \u201cuses: actions\/checkout\u201d \u2014 which is the correct instruction because the parent organization is \u201cactions\u201d (plural) \u2014 their workflow will try to run code from the repository \u201ccheckout\u201d of an untrusted organization. If an attacker created the \u201caction\u201d (singular) organization and a \u201ccheckout\u201d repository, then their malicious action will execute instead.<\/p>\n

In a separate report last month, Palo Alto Networks researcher Yaron Avital discovered that GitHub Actions produced build artifacts that contain sensitive access tokens to third-party cloud services that can be abused by attackers<\/a> to push malicious code into projects or to compromise cloud infrastructure.<\/p>\n

Scope and risk factors<\/h2>\n

One might think that developers making typos is not very common, but given the scale of GitHub \u2014 over 100 million developers with over 420 million repositories \u2014 even a statistically rare occurrence can mean thousands of potential victims.<\/p>\n

For example, the researchers found 194 workflow files calling the \u201caction\u201d organization instead of \u201cactions\u201d; moreover, 12 public repositories started referencing the researchers\u2019 fake \u201cactons\u201d organization within two months of setting it up.<\/p>\n

\u201cAlthough the number may not seem that high, these are only the public repositories we can search for and there could be multiple more private ones, with numbers increasing over time,\u201d the researchers wrote.<\/p>\n

Another reason this technique would be appealing to attackers is scalability. Creating fake GitHub organizations, copying their original actions repositories, and adding a backdoor to their code can be easily automated. This means one attacker can create typo variations targeting many popular GitHub Actions and have the number of impacted repositories quickly add up.<\/p>\n

Ultimately this is a low-cost high-impact attack. Having the ability to execute malicious actions against someone else\u2019s code is very powerful and can result in software supply chain attacks<\/a>, with organizations and users that then consume the backdoored code being impacted as well.<\/p>\n

\u201cThis level of access can be risky if an action is malicious \u2014 it could install malware, steal secrets, or make covert changes to your code,\u201d the Orca researchers warn. \u201cThe implications of such access can be devastating. Imagine an action that exfiltrates sensitive information or modifies code to introduce subtle bugs or backdoors, potentially affecting all future builds and deployments. In fact, a compromised action can even leverage your GitHub credentials to push malicious changes to other repositories within your organization, amplifying the damage across multiple projects.\u201d<\/p>\n

This brings up another important point: It\u2019s not the number of impacted repositories that counts, but their importance and size. Even if an attacker manages to compromise only 10 repositories with this technique, one belonging to a popular project can give the attacker access to thousands of users and organizations down the supply chain.<\/p>\n

Mitigation<\/h2>\n

GitHub does take action against impersonation accounts if brought to its attention, but users shouldn\u2019t rely on that as a defensive technique against typosquatting attacks. Out of the 14 typosquatted organizations that Orca set up for their proof-of-concept, GitHub only suspended one over a three-month period \u2014 circelci \u2014 and that\u2019s likely because someone reported it. CircleCI is one of the most popular CI\/CD platforms.<\/p>\n

During their investigation, Orca researchers also noticed that others had the same idea. The researchers found an organization called \u201caws-action\u201d whose display name reads \u201cAWS for Github Actions \u2013 TYPOSQUAT.\u201d Its description warns users not to use the actions in its repositories because they were set up for research purposes.<\/p>\n

If different researchers had the same typosquatting idea independently of each other, it\u2019s likely that some attackers have had the idea as well, especially since typosquatting is already a commonly used attack technique for websites and in other component repositories.<\/p>\n

The Orca researchers recommend the following best practices to prevent such attacks:<\/p>\n

Double-check actions and their names before using them in your workflows.<\/p>\n

Only chose actions from verified creators or those that are highly starred and forked.<\/p>\n

Use version tags or commit SHAs to ensure a known-good action is being used.<\/p>\n

Integrate security tools to scan workflows for potential issues, including typosquatting.<\/p>\n

Make sure your team is aware of typosquatting risks and how to avoid them.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Attackers have long tried to capitalize on typos by registering names in various systems \u2014 DNS, package repositories \u2014 close to those of popular resources. This technique, known as typosquatting, also works for GitHub Actions, which can lead to developers executing malicious workflows inside their own repositories, researchers have shown. GitHub Actions is a CI\/CD […]<\/p>\n","protected":false},"author":0,"featured_media":151,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/150"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=150"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/150\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/151"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}