Comment by 33a

3 months ago

We also caught this right away at Socket,

https://socket.dev/blog/npm-author-qix-compromised-in-major-...

While it sucks that this happened, the good thing is that the ecosystem mobilized quickly. I think these sorts of incidents really show why package scanning is essential for securing open source package repositories.

So how do you detect these attacks?

  • We use a mix of static analysis and AI. Flagged packages are escalated to a human review team. If we catch a malicious package, we notify our users, block installation and report them to the upstream package registries. Suspected malicious packages that have not yet been reviewed by a human are blocked for our users, but we don't try to get them removed until after they have been triaged by a human.

    In this incident, we detected the packages quickly, reported them, and they were taken down shortly after. Given how high-profile the attack was, we also published an analysis soon after, as did others in the ecosystem.

    We try to be transparent with how Socket works. We've published the details of our systems in several papers, and I've also given a few talks on how our malware scanner works at various conferences:

    * https://arxiv.org/html/2403.12196v2

    * https://www.youtube.com/watch?v=cxJPiMwoIyY

[flagged]

  • Apparently it found this attack more or less immediately.

    It seems strange to attack a service like this right after it actively helped keep people safe from malware. I'm sure it's not perfect, but it sounds like they deserve to take a victory lap.

  • You could at least offer some kind of substantive criticism of the tool (“socket”).

    • Do I need any? Automated tools cannot prevent malicious code being injected. While they can make attempts to evaluate common heuristics and will catch low-hanging malware, they are not foolproof against highly targeted attacks.

      Either way, the parent post is clearly ambulance chasing rather than having a productive conversation, which should really be about whether or not automatically downloading and executing huge hierarchal trees of code is absolutely fucking crazy, rather than a blatant attempt to make money off an ongoing problem without actually solving anything.

  • For those interested, points associated with this post spiked to at least 4 then dropped back to one. Take of that what you will.