low

AWS package backfill attack

Published Sun, May 1st, 2022
Platforms

Summary

Two packages that had been officially authored and maintained by AWS were removed from their registry by their legitimate author. Once removed, the package names became free for anyone to re-register, and both names were re-registered and populated with malicious versions. Any AWS-deployed software that still declared a dependency on those names would have resolved to the attacker-controlled packages, a dependency confusion attack by way of package name reuse.
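The following is an added example, not code from the advisory, from AWS or from Mend. It shows the check a build pipeline can run to catch the scenario above: a lockfile that records the pinned version, the artifact digest and the original publisher of each dependency is compared against a later registry snapshot. All package names, publisher names, artifact bytes and the registry snapshot are constructed for the example; the shape of a real registry's metadata will differ.

```python
"""Audit locked dependencies for package name backfill.

A name is backfilled when its original releases are removed, the name becomes
free, and someone else re-registers it and publishes new versions. Three signals
catch this offline, given a lockfile recorded at first resolution:
  * the pinned version is gone, or the name no longer has any releases;
  * the artifact served under the pinned version no longer matches the digest;
  * the publisher set of the package has no overlap with the original publisher.
"""
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for package tarballs (not real artifacts).
ORIGINAL_CORE = b"example-sdk-core-1.4.0 original contents (constructed)"
ORIGINAL_UTIL = b"example-sdk-util-2.0.1 original contents (constructed)"
ORIGINAL_LEGACY = b"example-sdk-legacy-0.9.0 original contents (constructed)"
# What the re-registered name now serves under the same version number.
BACKFILLED_CORE = b"example-sdk-core-1.4.0 attacker contents (constructed)"

# Lockfile as written when the dependencies were first resolved (constructed).
LOCKFILE = [
    {"name": "example-sdk-core", "version": "1.4.0",
     "sha256": sha256_hex(ORIGINAL_CORE), "publisher": "aws-sdk-bot"},
    {"name": "example-sdk-util", "version": "2.0.1",
     "sha256": sha256_hex(ORIGINAL_UTIL), "publisher": "aws-sdk-bot"},
    {"name": "example-sdk-legacy", "version": "0.9.0",
     "sha256": sha256_hex(ORIGINAL_LEGACY), "publisher": "aws-sdk-bot"},
]

# Registry snapshot taken later (constructed): name -> version -> (publisher, sha256).
# example-sdk-core was removed and re-registered by a different account, which
# republished the same version number with different contents. example-sdk-util
# is untouched. example-sdk-legacy was removed and nobody has re-registered it yet.
REGISTRY = {
    "example-sdk-core": {
        "1.4.0": ("newowner42", sha256_hex(BACKFILLED_CORE)),
        "1.5.0": ("newowner42",
                  sha256_hex(b"example-sdk-core-1.5.0 attacker contents (constructed)")),
    },
    "example-sdk-util": {
        "2.0.1": ("aws-sdk-bot", sha256_hex(ORIGINAL_UTIL)),
    },
}


def audit(lockfile, registry):
    """Return (name, reason) findings; an empty list means nothing changed."""
    findings = []
    for dep in lockfile:
        name, version = dep["name"], dep["version"]
        releases = registry.get(name)
        if not releases:
            # The name is free: the next person to register it owns our dependency.
            findings.append((name, "name-unregistered"))
            continue
        publishers = {publisher for publisher, _ in releases.values()}
        if dep["publisher"] not in publishers:
            # Nobody who shipped the original package publishes it any more.
            findings.append((name, "publisher-changed"))
        release = releases.get(version)
        if release is None:
            findings.append((name, "pinned-version-missing"))
        elif release[1] != dep["sha256"]:
            # Same version string, different bytes: the re-registered package
            # cannot reproduce the digest recorded at first resolution.
            findings.append((name, "digest-mismatch"))
    return findings


def verify_artifact(dep, data: bytes) -> bool:
    """Hash-pinned install step: accept the download only if it matches the lock."""
    return sha256_hex(data) == dep["sha256"]


def safe_to_install(lockfile, registry) -> bool:
    return not audit(lockfile, registry)


if __name__ == "__main__":
    for name, reason in audit(LOCKFILE, REGISTRY):
        print(f"{name}: {reason}")
    print("safe:", safe_to_install(LOCKFILE, REGISTRY))
```

The digest check is the one that holds up on its own: a publisher comparison depends on registry metadata the attacker may be able to mimic, but they cannot produce a tarball with the original hash, so an install that requires hashes fails closed on a backfilled name. The publisher and "name-unregistered" signals are useful earlier, before any install, because they flag a dependency that should be vendored or replaced while the name is still free.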

Affected Services

N/A

Tracked CVEs

No tracked CVEs

References

Disclosure Date
Sun, May 1st, 2022
Exploitability Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Mend Diffend