Aqua Blog

Threat Alert: Supply Chain Attacks Using Container Images

Threat Alert: Supply Chain Attacks Using Container Images

Team Nautilus, Aqua Security’s threat research team, has uncovered several supply chain attacks that use malicious container images to compromise their victim. These five container images were found on Docker Hub, which we scan daily for signs of malicious activity. The images hijack organizations’ resources to mine cryptocurrency and can be used as part of a supply chain attack targeting cloud native environments.

Below are the five malicious container images we detected:

Container image in Docker Hub

Detected

Contains

Contains

Number of pulls

thanhtudo/thanhtudo:latest 

01/07/2021 

cryptominer 

dao.py script 

100K+

thieunutre/thieunutre:latest 

15/07/2021 

cryptominer 

dao.py script 

11

chanquaa/chanquaa:latest 

30/12/2020 

cryptominer 

dao.py script 

18

c43602f9cc95/openjdk:0da242bd93b7f 

04/07/2021 

  

Execute xmrig 

10K+

700888880a0/golang:e2e26c727b88 

04/07/2021 

  

Execute xmrig 

10K+

Analysis of the container images

The first three container images – thanhtudo, thieunutre, and chanquaa – all execute the script dao.py. This Python script was part of several previous campaigns that used typo squatting to hide malicious container images in Docker Hub (azurenql, about 1.5 million pulls). As seen below, the script executes a binary called xmrig (MD5: 4873e560df68ad96c3de08164b139b09), which is a Monero cryptocurrency miner hiding in one of the layers of the container image.

analysis of container images

Two of the container images – openjdk and golang – used misleading titles that suggest they are official container images from OpenJDK and Golang, respectively. They are designed so that a user who is unfocused or in a hurry might mistake them as official container images, even though the Docker Hub accounts responsible for them are not official accounts. Once they are running, they may look like an innocent container. After running, the binary xmrig is executed (MD5: 16572572588c2e241225ea2bf6807eff), which hijacks resources for cryptocurrency mining.

While the first two container images are likely to be used as part of a supply chain attack, the rest are less likely to be considered as popular or legitimate container images. Collectively, these malicious container images gained more than 120,000 pulls.

How to protect against supply chain attacks

Attackers are increasingly targeting organizations’ software supply chains, and in some cases, they are getting better at hiding their attacks. Therefore, companies should improve their defensive measures to reduce the risk of falling victim to this type of attack. Here are some recommendations that will help you improve your security posture:

Control access to public registries

When running containers from a public registry, treat the registry as a source with a high risk of supply chain attacks. Attackers are trying to trick developers into inadvertently pulling malicious container images by camouflaging them as popular ones. To reduce risk, create a curated internal registry for base container images and limit who can access public registries. Enact policies that ensure container images are vetted before they are included in the internal registry.

Scan container images for malware using both static and dynamic analysis

Sophisticated attacks are often able to avoid detection when organizations use static, signature- or pattern-based scanning. For example, threat actors can evade detection by embedding code in container images that downloads malware only during runtime.

That’s why in addition to scanning any external unvetted container images for vulnerabilities, you need to use tools, such as Aqua Dynamic Threat Analysis (DTA), that dynamically analyze the container behavior in a sandbox to identify attack vectors that wouldn’t be detected with static code scanning.

Digitally sign container images or use other methods of maintaining image integrity

It’s important to ensure that the container images in use are the same ones that have been vetted and approved. Using the Aqua platform, all scanned container images are automatically fingerprinted and tracked, which detects and prevents the use of non-compliant or unknown container images in your environment.

Conclusion

Supply chain attacks are a major threat to cloud native environments. Team Nautilus has identified five malicious container images that are hosted on Docker Hub, all of which aim to hijack resources for cryptocurrency mining. Organizations should create a security strategy that can detect and prevent supply chain attacks at every stage of the application lifecycle – from build to production.

To learn more about attacks on cloud native environments, read the latest Cloud Native Threat Report: Attacks in the Wild on Container Infrastructure.

Assaf Morag
Assaf is the Director of Threat Intelligence at Aqua Nautilus, where is responsible of acquiring threat intelligence related to software development life cycle in cloud native environments, supporting the team's data needs, and helping Aqua and the broader industry remain at the forefront of emerging threats and protective methodologies. His research has been featured in leading information security publications and journals worldwide, and he has presented at leading cybersecurity conferences. Notably, Assaf has also contributed to the development of the new MITRE ATT&CK Container Framework.

Assaf recently completed recording a course for O’Reilly, focusing on cyber threat intelligence in cloud-native environments. The course covers both theoretical concepts and practical applications, providing valuable insights into the unique challenges and strategies associated with securing cloud-native infrastructures.