
TikTok Under Attack

BSidesROC · 2023 · 13:37 · 30 views · Published 2024-09 · Watch on YouTube ↗
About this talk
Talk description: This talk will cover a recent supply chain attack in which malicious software was hidden inside a package hosted on a trending GitHub repository and promoted through social engineering tactics. The attack was successful in attracting a large number of users and highlights the importance of being cautious when installing software from untrusted sources and the need for secure supply chain management. The attack also demonstrated the severity and far-reaching consequences of supply chain attacks.
Transcript [en]

All right, let's keep right on moving. Everybody having a good time so far? All right, good to hear. I'd like to present our next speaker, who's going to talk about Tic Tac... TikTok, "TikTok Under Attack". That's a mouthful. This is Guy, welcome. [Music] [Applause]

Hi, so...

Wait, no.

Okay, you'd like another one?

Thank you. So, I'm Guy. I'm a software engineer at Checkmarx, in the supply chain security team. First of all, I want to apologize for my accent: I'm originally from Tel Aviv, so I'm not a US citizen. Let's go.

So I'm going to talk today about TikTok. Now, why would someone talk about TikTok at a cyber security convention, right? I mean, it's a Chinese app, but still, there's no hacker behind it, normally. So I'm going to talk about how my work led me to TikTok as a security researcher in a supply chain security team.

So one day I was sitting in my office, you know, minding my own business, making coffee probably, and a coworker of mine asked me to help her research a malicious package that popped into our system. Now, to understand what a malicious package is, I'm going to have to explain to you what supply chain security means. Every piece of software has its own supply chain, from dependencies to build processes to, I don't know, packaging and deploying, everything, and it has countless risks along the entire way. We could have a whole day about it, but today we're going to focus on dependencies. So each month there are more than a million packages uploaded online to the open source ecosystems, including Java packages, npm, PyPI; I'm pretty sure everyone uses one of them.

So what my team does is that we sit on that pipeline and we analyze each and every package that is being uploaded. We send it through automated engines and eventually also check it manually, and then add it to a DB so we can remember what was malicious. So usually when a developer is downloading a package, he's asking for that one package. If I'm going to download requests from PyPI, I want only requests, right? I don't want anything else. But usually there's another package behind it, and normally it also looks like this, because each package uses another package that uses another package, and it's endless.

So let's take a look at a real-life example. Okay, so I'm going to install cncjs, and as you can see it has about 18,800 dependencies. Ideally you would want to go through each and every one of them to make sure there's no malicious code in your app, but nobody's going to do it, right? You have no time.

So let's get back to our story about TikTok. So the package popped up; it was called "PCS I". I needed to check why it popped. I mean, we have a tag for everything, and the tag on it was that it uses an attack vector called star-jacking. What is star-jacking? If we take a closer look, you can see that it has about 50,000 stars. Now, for a new package, that's an anomaly, so we needed to dive in. But first I want to explain to you a bit... can you click? I want to explain to you a bit about star-jacking. So star-jacking is an attack vector, as I said, and we're going to look at two packages. One of them is malicious, right? They also have almost the same name, and that attack vector is called typosquatting; we're not going to get into it. But they have the same name and we need to know which one of them is malicious. And if we take a look, usually a software engineer will look at the stats of the package, whether it's popular, and he'll decide by that. But here the stats are the same, so how am I going to decide? I need to take a look at the source code, maybe, but they have the same source code. But I'm guaranteeing you that one of them is malicious. And how is it malicious? pmio has a strange dependency, and if you take a closer look inside the dependency (I think that the Check Point popup is the one that's running in my presentation), inside that strange dependency there's a payload that sends the environment variables to a webhook somewhere on the web.

So as we saw here, using star-jacking someone hijacked the stars from a different package and uploaded the malicious payload to it. So as I told you, pmio is the malicious one. And still, how did they gain the same stars? I mean, usually at this point the crowd says "okay, they used an army of bots". They did not; it's much easier than that. Basically, I'm going to show you how it's done. So this is Package Lab; it's my team's Metasploit for publishing malicious packages, and we're going to publish a new package. So the only thing you need to publish a package is an email account, so we're going to create a fake email account, and the username and password don't really matter. Let's go to the next step. Cool, so we added the name to our package; it's "supply chain demo", but you can do whatever you'd like. I mean, you can call it "request" without the "s", and then someone would probably download it by mistake. We're going to put in a version and the description. Now the only thing we need to do right now... it asks us for a GitHub... oh, for GitHub... is it playing? Nope. So it asks us for the GitHub URL of a repo, and we just paste a URL inside it, and it believes us, because as you can see it just takes the amount of stars from the repo that we chose. Unfortunately the demo is not going so well, but that's it. I'm going to put a payload inside of it, which is a dropper; we're going to skip it, and we're going to publish the package. So let's wait a second... can you click it? And we're publishing the package, and voila, we published the package and we already have, as you can see, 9,000 stars. And it's that easy. Why is it that easy? Because the ecosystem was not built for security; it was built upon trust. So when the guys behind PyPI built it, they just assumed that people would tell the truth. They did not vet anything, so I'm just literally pasting any link that I'd like and they just believe me.

So back to our story. I saw that they use star-jacking. Now, star-jacking itself is not malicious, right? They're just stealing some stars, but there's no payload behind it, there's no RCE, so it's just an indication. So I took a closer look, and inside of it I saw a malicious payload that was very similar to the malicious payload of a password stealer called W4SP, which is hidden inside a PNG image using base64 decryption and so forth, so on and so forth. I decoded it (click) and I saw it goes to an online URL and downloads some executable file, and inside of it was literally the password stealer. This is the W4SP stealer; it was pretty big. We actually reported it and it got deleted later.

So let's go back again to our story. I decided at this point to search for the package name on GitHub. I don't know why; it was the first time I did it. And I stumbled upon a repo called "TikTok unfilter API", which hosted software claiming to do something about TikTok, and it also directed me to Discord. And this Discord community was huge: it had 30,000 members. And not only that, this repo was also trending on GitHub. Now at this point, as a security researcher, you are supposed to ask yourself why the hell is a malicious repository trending on GitHub, and why does it have 30,000 people behind it? So I got into the community... can you click? So I got into the community and I saw a bunch of TikTok videos being sent there, and those weren't nice TikTok videos. It was the Invisible Challenge. I don't know if you've heard of it or not, but basically each month TikTok has its cringiest challenge, like the milk crate challenge, or the Cha Cha Slide driving challenge, where people literally drove to the instructions of the Cha Cha Slide song and it caused many injuries. And in this particular challenge, people would film themselves naked and use a filter on TikTok that blurs their body, so you can only see a silhouette. And if you take a look at the comment section... not the comment section yet. This was pretty big; as you can see there were 300 million views on this challenge. And if you take a look at the comment section, you had two types of people: you had the trolls that said "oh, I can remove the filter", and there were the creeps that wanted to see the videos without the filter. So this is where the hacker came into the game. After we saw the Invisible Challenge videos, there were a bunch, I think dozens of videos uploaded to TikTok claiming they can remove the challenge, and they were directing us back again to Discord, the same Discord server that we saw. So yet again I'm going back here and I'm seeing a YouTube video instructing people on how to download a package and the software, and the creeps are happy, right?

But what did we do after that? You know, there was a trending GitHub repo, there were thousands of people probably being infected. How can we solve the problem? So we literally have to go and message... I forgot his name... Dustin at PyPI and tell him, "Hey Dustin, what's up, there's a malicious package, please remove it." And there's no CVE to issue on malicious packages; they're just getting deleted and uploaded again. So about five times in a row we just reported and he deleted, reported, they deleted, until the attackers got sick of it and literally just put the malicious payload bluntly in the code. And after that we also reported the GitHub repo and it got deleted, and basically that's the end of their story.

So I just told you a lot of scary things about the open source community and malicious packages. What can you do? So we believe that if we use software, it's our responsibility to make sure that it's okay. You can't blame other people for malicious packages that you downloaded without verifying. I know it's hard to hear, probably, because we all do it, but even the attackers behind these packages literally wrote in the Discord community, "It's open source, it's not a virus." So there's that. And also we need to understand that malicious is not the same as vulnerable, because a vulnerability is a logical flaw; you know, somebody by mistake, without paying attention, made a mistake. Maliciousness is someone intentionally doing something bad to harm other people. So we can't issue a CVE on a malicious package; we need to find another solution. And that's it, guys. Just don't take code from strangers without vetting.

Thank you. Does anyone have a question?

Thanks, thank you.
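The star-jacking demo in the talk rests on one fact: the index displays the star count of whatever GitHub URL the uploader pastes into the package metadata, without checking that the repository has anything to do with the package. That makes two cheap checks possible in a package analysis pipeline: does the linked repository's name resemble the package name at all, and do several distinct packages claim the same repository (the look-alike borrowing the legitimate project's repo, and with it its stars). The code below is an added example written for this page; it is not code from the talk or from Checkmarx's tooling. It works over metadata records constructed to resemble the `info` object of PyPI's JSON API (`https://pypi.org/pypi/<name>/json`); every package name, owner and repository in the sample is hypothetical, and the name-mismatch rule is deliberately reported as an indicator rather than a verdict, since monorepos and renamed projects trigger it too.

```python
"""Star-jacking indicators over PyPI-style package metadata.

Added example for this page, not code from the talk or from Checkmarx.
The records in SAMPLE_METADATA are constructed to resemble the ``info``
object of PyPI's JSON API; all names, owners and repositories are hypothetical.
"""
import re
from collections import defaultdict

# Matches the owner/repo part of a GitHub URL; anything after the repo is ignored.
GITHUB_RE = re.compile(r"^https?://(?:www\.)?github\.com/([^/\s]+)/([^/\s#?]+)", re.I)


def pep503_name(name: str) -> str:
    """Canonical form used by the index: runs of '-', '_' and '.' become one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def loose_name(name: str) -> str:
    """Separator-free form for fuzzy comparison, so 'widget-lib' ~ 'widgetlib'."""
    return re.sub(r"[-_.]+", "", name).lower()


def github_repos(info: dict) -> set:
    """Return every (owner, repo) pair a package's metadata points at."""
    urls = [info.get("home_page") or ""]
    urls += list((info.get("project_urls") or {}).values())
    repos = set()
    for url in urls:
        match = GITHUB_RE.match(url.strip())
        if match:
            owner, repo = match.group(1).lower(), match.group(2).lower()
            if repo.endswith(".git"):
                repo = repo[:-4]
            repos.add((owner, repo))
    return repos


def flag_name_mismatch(info: dict) -> list:
    """Indicator 1: the linked repository's name has nothing to do with the package name.

    Only a signal (monorepos and renamed projects trigger it too), so it is
    reported for a human to look at rather than treated as a verdict.
    """
    pkg = loose_name(info["name"])
    findings = []
    for owner, repo in github_repos(info):
        linked = loose_name(repo)
        if pkg not in linked and linked not in pkg:
            findings.append(f"{info['name']}: stars come from {owner}/{repo}, "
                            f"whose name does not resemble the package name")
    return findings


def flag_shared_repos(infos: list) -> dict:
    """Indicator 2: two or more distinct packages claim the same repository.

    This is the pattern from the talk: the look-alike package borrows the
    legitimate project's repository link, and with it its star count.
    """
    claims = defaultdict(set)
    for info in infos:
        for repo in github_repos(info):
            claims[repo].add(pep503_name(info["name"]))
    return {f"{owner}/{repo}": sorted(names)
            for (owner, repo), names in claims.items() if len(names) > 1}


# Constructed sample: one legitimate package, one typosquat that borrows its
# repository link, and one unrelated package pointing at the same repository.
SAMPLE_METADATA = [
    {"name": "widgetlib",
     "home_page": "https://widgetlib.example.org",
     "project_urls": {"Source": "https://github.com/example-owner/widgetlib"}},
    {"name": "widget-lib",
     "home_page": "",
     "project_urls": {"Homepage": "https://github.com/example-owner/widgetlib"}},
    {"name": "colorfmt-utils",
     "home_page": "https://github.com/example-owner/widgetlib.git",
     "project_urls": None},
]


def report(infos: list) -> list:
    """Run both indicators over a batch of metadata records and list the findings."""
    findings = []
    for info in infos:
        findings.extend(flag_name_mismatch(info))
    for repo, names in flag_shared_repos(infos).items():
        findings.append(f"{repo} is claimed by {len(names)} packages: {', '.join(names)}")
    return findings


if __name__ == "__main__":
    for line in report(SAMPLE_METADATA):
        print(line)
```

Run against the sample, the report flags `colorfmt-utils` for pointing at a repository whose name has nothing to do with its own, and flags `example-owner/widgetlib` for being claimed by three packages. Neither finding proves anything malicious on its own; as the talk says, star-jacking is an indication that tells you which package to open and read, which is the point of running the check before the payload analysis rather than instead of it.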