[Image: Kaspersky logo. Courtesy of Kaspersky]

Global cybersecurity corporation Kaspersky reported on the 17th that it discovered over 14,000 malicious packages in open-source projects by the end of last year, a 50% increase from the previous year.

Open source is software whose source code anyone can inspect, modify, and improve. The widely used open-source package repositories (GoMod, Maven, NuGet, npm, PyPI) supply the building blocks on which numerous applications are built. Attackers have been found to exploit the popularity of well-known packages hosted there.

In March, it was confirmed that the Lazarus Group had distributed several malicious open-source packages. These packages contained malware designed to steal credentials and cryptocurrency wallets and deploy backdoors.

Dmitry Galov, head of the research center of Kaspersky's global research and analysis team, noted, "Open source software is the backbone of modern technological solutions, but its openness is now being weaponized," adding, "Attackers are actively inserting sophisticated backdoors and information theft tools into popular packages." He further stated, "Corporations must secure their supply chain before attacks are successful."

Lee Hyo-eun, head of Kaspersky's Korea branch, said, "Given that Korea's fintech, smart manufacturing, and Internet of Things (IoT) industries heavily rely on open-source technology, they are more vulnerable to such threats," and added, "Corporations need to establish proactive defense systems that include real-time code scanning and end-to-end verification from development to deployment."

※ This article has been translated by AI.