PowerShell Gallery Prone to Typosquatting, Other Supply Chain Attacks

Microsoft is aware of the issue, but so far its attempts to address it dont appear to have worked, researchers say.

[Editors Note: This article was updated on 8/18/2023 with a response received from Microsoft]
Microsofts PowerShell Gallery presents a software supply chain risk because of its relatively weak protections against attackers who want to upload malicious packages to the online repository, according to researchers at Aqua Nautilus.
They recently tested the repositorys policies regarding package names and owners and found that a threat actor could easily abuse them to spoof legitimate packages and make it hard for users to identify the true owner of a package.
If your organization uses PowerShell modules from the gallery, we suggest only using signed PowerShell modules, utilizing trusted private repositories, and exercising caution when downloading new modules/scripts from registries, says Yakir Kadkoda, lead security researcher at Aqua. Second, we advise similar platforms to the PowerShell Gallery to take necessary steps to enhance their security measures. For instance, they should implement a mechanism that prevents developers from uploading modules with names too similar to existing ones.
Kadkoda says Microsoft acknowledged the issues when informed about them and claimed it had addressed two separate issues, once in February 2022 and a second time this past January. However, weve continued to check, and these issues still exist as of Aug. 16, he says.
Microsoft said it added functions to find and eradicate malicious packages. Were aware of this report and have determined that it relies on social engineering to be successful. However weve implemented some changes to help identify and remove these packages, a Microsoft spokeswoman said in an emailed statement to Dark Reading after this story was published. We encourage users to report any packages they suspect are malicious via the Report link on the package module.
Microsoft said it will continue to monitor for malicious activity on PowerShell Gallery and take defense-in-depth measures to keep customers protected.
PowerShell Gallery is a widely used repository for finding, publishing, and sharing PowerShell code modules and so-called desired state configuration (DSC) resources. Many of the packages on the registry are from trusted entities, such as Microsoft, AWS, and VMware, while many others are from community members. There have been more than 1.6 billion package downloads from the repository so far this year alone.
One issue that Aqua discovered was the lack of any kind of protection against typosquatting, a deception technique that threat actors have increasingly used in recent years to trick users into downloading malicious packages from public software repositories. Typosquatters typically use names that are phonetically similar to names of popular and legitimate packages on public repositories, such as npm, PyPI, and Maven. They then rely on users making typos when searching for these packages and downloading their malicious package instead. The technique has become a common software supply chain attack vector.
Aqua found PowerShell Gallerys policies did little to protect against such deception. For instance, the names of most Azure packages on the repository followed a specific pattern, namely, Az.. However, some other very popular Azure packages such as Aztable did not follow the pattern and did not have a dot in the name.
Aqua found that there are no restrictions on the prefixes that package developers can use when naming their packages. For example, when Aquas researchers crafted a nearly perfect replica of Aztable and labeled it Az.Table, they had no problem uploading the proof-of-concept (PoC) code to PowerShell Gallery. Callback code that Aqua included in the PoC showed that several hosts across various cloud services had downloaded the package in the first few hours alone.
In our opinion, other registries have more protective measures, Kadkoda says. For instance, npm, another registry platform by Microsoft, uses Moniker rules specifically designed to combat typosquatting, he says. One example: Since a package named react-native already exists on npm, no one labels their module with variation such as reactnative, react_native, or react.native.
Another problem that Aqua uncovered with PowerShell Gallerys policies is how they allowed a threat actor to make a malicious package appear legitimate by faking crucial details such as the Author(s), Description, and Copyright fields. An attacker can freely choose any name when creating a user in the PowerShell Gallery, Aqua said in its blog post. Therefore, determining the actual author of a PowerShell module in the PowerShell Gallery poses a challenging task.
Unsuspecting users who find these packages on PowerShell Gallery can easily be deceived into believing that the author of the malicious package is a legitimate entity, such as Microsoft, Aqua said.
In addition, Aquas analysis showed that one API in PowerShell Gallerys basically gave threat actors a way to find unlisted modules on the registry — and potentially any sensitive data associated with those modules. Typically, an unlisted module is private and should not be something that an attacker would be able to find via a search of the repository. Aqua researchers found they could not only pull up such modules, they also found one that contained sensitive secrets that belonged to a large technology company.
Kadkoda says there is no evidence to suggested that threat actors have leveraged these weaknesses to sneak malicious package into PowerShell Gallery. However, the threat is real. Its important to note that, according to Microsoft, they scan PowerShell modules/scripts uploaded to the gallery, Kadkoda says. This is a good measure to block malicious uploads. However, it remains a cat-and-mouse game between Microsofts solution and attackers.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
PowerShell Gallery Prone to Typosquatting, Other Supply Chain Attacks