Security researchers have exposed the widespread abuse of Docker Hub as a mechanism to deliver malware and phishing scams.

JFrog discovered three large-scale malware campaigns targeting Docker Hub that involved planting millions of “imageless” repos with malicious metadata. Around one in five (20%) of all Docker Hub repos were abused to create jumping off points for scams, researchers at the software supply chain specialist discovered.

Out of a total of 4.6 million imageless repositories, three million were abused in one way or another.

Docker and JFrog worked together to identify and scrub away the rogue repos prior to going public with their findings in a technical blog post, published on Tuesday.

Repo Madness

Docker offers a platform that uses virtualisation technology to deliver software in packages known as containers. The malicious software repositories created by as-yet unidentified cybercriminals were largely created in two waves during 2021 and last year.

JFrog told SC UK that all the malicious repositories it identified were active. The resources were created in an attempt to manipulate users into following links to external malicious resources via the repositories' description pages.

A variety of scams were in play: The most prominent campaign redirected users to an external platform that served binary executables, as the first stage of an attack that JFrog dubbed a Downloader Campaign.

These binaries then communicate with a command and control server, which served the infected machine with other payloads.

A separate eBook Phishing Campaign, which disguises itself as pages to allow eBook downloads, contains links which redirects the user to a websites that steal credit card data, after promising the user they could download an eBook.

The last set of malicious repositories, and the smallest one, contains repositories which led the users to various schemes to steal credit card data.

Search and Destroy

JFrog's security research team came across the abuse during its routine monitoring of open source repositories such as Docker Hub and others for malicious content and activity.
“In this case, what drew our attention was the fairly large amount of imageless repositories,” a JFrog spokesperson told SC UK. “Once we started digging, we found that many of those repositories contained links to external resources, which turned out to be actually malicious.”

JFrog added: “Unfortunately, we're unable to say who's behind these attacks.”

In response to the abuse, the option to put links in imageless repositories' description pages has been disabled, thwarting the main avenue of attack.

Software developers should only use repositories from trusted sources, JFrog advised. Docker Hub's tags for Trusted Content: Docker Official Image, Verified Publisher and Sponsored OSS badges, for example, offer some degree of assurance.

JFrog’s senior director of security research, Shachar Menashe, told SC UK: “The best and only way to protect yourself is to exercise caution when using public repositories, even when it's a platform that isn't known to be abused.”

Scale Up

Although it has identified comparable scams on different platforms, the scale of the abuse on Docker Hub makes it stand out.

“There have been cases in which open source repositories such as NuGet and NPM were used in the same way – to spread spam links through packages' description pages,” according to JFrog. “However, the scale of these campaigns on Docker Hub is unusual, as we're looking at millions of repositories.”

Countermeasures

Robin Wood, a UK-based security consultant, told SC UK that the abuse by criminals of trusted sites such as Docker is easier, cheaper and potentially more effective for cybercriminals.

“It is much easier for a criminal to use a trusted site to host the content than to have to spin up a site of their own,” Wood explained. “Putting content on Docker Hub is free, and as it has a good reputation it is unlikely to be blocked by corporate firewalls or any home security software.”

Criminals have only been getting away with abusing Docker Hub for an extended period because “defenders haven't been looking for it”.

Docker’s clampdown, aide by Jfrog research, means Docker is no longer a safe haven for scams but the end result will probably be only to force criminals into abusing other platforms rather than curtailing scams, according to Wood.

A combination of taking advantage of better content screening mechanisms by using artificial intelligence and making it easier for users to report bad content would offer platforms such as Docker Hub improved scam mitigation, Wood concluded.

John Leyden Journalist