Foreign adversaries are trying to weaponize open-source software, report finds
Open-source software is the backbone of the digital ecosystem. Benevolent programmers who develop useful tools and then share those tools with others are some of the most valuable contributors to the modern world, and many important tools used daily depend on open-source projects shared on community repositories such as GitHub. But wherever goodwill exists, there are those who are willing to take advantage of it. And according to a new report published by research firm Strider Technologies, it is not only individual threat actors who seek to exploit the open-source ecosystem, but also high-level initiatives from nation-states and their sponsored cyber operatives.
One of the most famous attacks on open-source software occurred in February of 2024, when a user operating under the alias Jia Tan attempted to plant a backdoor into the XZ Utils file transfer tool. While the identity of Jia Tan and their affiliation, if any, has yet to be determined, this incident called attention to the effect that malicious code planted into open-source tools could have. Jia Tan acted as a trusted contributor to the XZ Utils community for years, starting in November of 2021, and gained the status of co-maintainer before inserting their backdoor. This exploitation of trust established a template by which threat actors could conduct supply chain attacks through contributions to open-source software, and more examples have been identified since this initial detection. One recent incident of this type was the attack on the Python Package Index (PyPI) by the North Korea-based Lazarus Group, which involved uploading malicious packages that were disguised as legitimate tools but contained the JarkaStealer malware.
The scanning technique used by Strider Technologies has identified multiple potential risk factors in commonly used open-source software. In their case study, which investigated the popular openvino-genai repository (a codebase used to facilitate running generative AI models on consumer-grade devices), Strider’s analysis identified 21% of its contributors as potentially risky due to ties with high-risk ecosystems. One particular user, identified as “Suvorov,” was investigated more deeply and was found to have multiple employment connections to Russian firms that have been sanctioned by the United States for being involved in cyber threat activity. Suvorov has maintainer status on the openvino-genai repository, as well as infrastructure control, giving them the ability to influence not only the source code, but the entire build and release pipeline. This does not prove that they are engaged in malicious activity, only that they have been identified as a risk due to their association with companies tied to Russian threat operations.
While much of Strider’s report is speculative, it highlights that if a nation-state chose to interfere at a deeper level with these open-source codebases, enterprises worldwide would be put at risk of data loss, and the interference could also cause significant service disruption with destructive effects on the global economy. Particularly now that AI agents have become an important workflow tool, disruption to the open-source code underpinning these AI tools could have significant effects across multiple sectors. In the long term, addressing these problems will require a more focused look at open-source code. Organizations should consider reviewing Software Bills of Materials to verify the integrity of code repositories before integrating them into their network.