SentinelLabs security researchers have discovered a software supply chain attack aimed at Rust developers, including malware designed to compromise GitLab Continuous Integration (CI) pipelines.
CrateDepression is a campaign that combines typosquatting with impersonation of a well-known Rust developer to spread a malicious ‘crate’ posted to the Rust community's dependency registry (crates.io). The malicious crate was quickly identified and removed, but SentinelLabs researchers discovered a second-stage payload developed exclusively for GitLab CI pipelines, indicating the possibility of larger-scale supply chain attacks.
An investigation by the crates.io security team and the Rust Security Response working group turned up 15 iterative versions of the malicious ‘rustdecimal’ crate as the attacker(s) tried multiple tactics and enhancements, according to SentinelLabs.
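The typosquatting element of the campaign (a crate named ‘rustdecimal’ standing in for a similarly named legitimate crate) is something a project can check for itself before a build runs. The following is an added example, not code from SentinelLabs or from the article: it parses the package names out of a Cargo.lock excerpt and flags any dependency that is not an exact match for a well-known crate but sits within one edit of one. The Cargo.lock content, the list of "known" crates, and the assumption that the impersonated crate is `rust_decimal` (the article names only the malicious `rustdecimal`) are all constructed for the example.

```rust
// Added example (not from the article or SentinelLabs): flag Cargo dependencies
// whose names are a near-miss for a well-known crate, the pattern behind
// "rustdecimal" impersonating "rust_decimal" (assumed target; the article does
// not name the legitimate crate).

/// Constructed Cargo.lock excerpt; names and versions are illustrative only.
pub const SAMPLE_LOCK: &str = r#"
# Constructed Cargo.lock excerpt (not from any real project)
version = 3

[[package]]
name = "my-app"
version = "0.1.0"
dependencies = [
 "rustdecimal",
 "serde",
]

[[package]]
name = "rand"
version = "0.8.0"

[[package]]
name = "rustdecimal"
version = "1.0.0"

[[package]]
name = "serde"
version = "1.0.0"

[[package]]
name = "tokio"
version = "1.0.0"
"#;

/// Constructed allow-list of crates this project expects to depend on.
/// In practice this would come from a curated list of popular or approved crates.
pub const KNOWN_CRATES: &[&str] = &["rust_decimal", "serde", "tokio", "rand"];

/// crates.io treats '-' and '_' as the same character when registering names,
/// so fold them together (and lowercase) before comparing. Dropping the
/// separator entirely is NOT done: "rustdecimal" vs "rust_decimal" is exactly
/// the kind of one-character difference crates.io does allow and we want to catch.
pub fn normalize(name: &str) -> String {
    name.to_ascii_lowercase().replace('-', "_")
}

/// Standard Levenshtein edit distance over chars (two-row dynamic programming).
pub fn edit_distance(a: &str, b: &str) -> usize {
    let a: Vec<char> = a.chars().collect();
    let b: Vec<char> = b.chars().collect();
    let mut prev: Vec<usize> = (0..=b.len()).collect();
    let mut cur = vec![0usize; b.len() + 1];
    for i in 1..=a.len() {
        cur[0] = i;
        for j in 1..=b.len() {
            let cost = if a[i - 1] == b[j - 1] { 0 } else { 1 };
            cur[j] = (prev[j] + 1).min(cur[j - 1] + 1).min(prev[j - 1] + cost);
        }
        std::mem::swap(&mut prev, &mut cur);
    }
    prev[b.len()]
}

/// Minimal extraction of `name = "..."` lines from [[package]] tables.
/// Cargo.lock is TOML, but this narrow scan is enough for a pre-build check.
pub fn lock_package_names(lock: &str) -> Vec<String> {
    lock.lines()
        .map(str::trim)
        .filter_map(|l| l.strip_prefix("name = \""))
        .filter_map(|rest| rest.strip_suffix('"'))
        .map(str::to_string)
        .collect()
}

/// Returns (dependency, suspected_target) pairs: dependencies that are not an
/// exact (normalised) match for any known crate but lie within `max_distance`
/// edits of one. Exact matches are the legitimate crate and are skipped.
pub fn find_suspects(deps: &[String], known: &[&str], max_distance: usize) -> Vec<(String, String)> {
    let mut out = Vec::new();
    for dep in deps {
        let nd = normalize(dep);
        if known.iter().any(|k| normalize(k) == nd) {
            continue;
        }
        if let Some(k) = known.iter().find(|k| edit_distance(&nd, &normalize(k)) <= max_distance) {
            out.push((dep.clone(), k.to_string()));
        }
    }
    out
}

fn main() {
    let deps = lock_package_names(SAMPLE_LOCK);
    for (dep, target) in find_suspects(&deps, KNOWN_CRATES, 1) {
        println!("suspicious dependency {dep:?} resembles well-known crate {target:?}");
    }
}
```

Run as a pre-commit hook or an early CI job, this reports `rustdecimal` against `rust_decimal` and stays quiet for the exact matches; tuning `max_distance` above 1 trades more false positives for catching multi-character squats.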
Read More: https://www.securityweek.com/researchers-spot-supply-chain-attack-targeting-gitlab-ci-pipelines