DEV Community

Rémi Lavedrine
Rémi Lavedrine

Posted on • Updated on

Dependency Confusion - How can you hack Apple, Microsoft and dozens of other companies?


A security researcher and his team have successfully deployed malware within the source code of companies known to be at the top of computer security, such as Apple, Microsoft, Paypal or Shopify.

Indeed, not really amateurs in terms of know-how to develop software in a secure way.

Well despite this, this researcher has managed to go through all the defenses of his companies simply by going through the development libraries that all developers use so as not to have to constantly reinvent the wheel.

By injecting malware into these libraries, he only had to wait for an update within these companies to be deployed without doing anything.
Unstoppable.

We talk about it in this video and I explain how to avoid falling into the trap yourself.

And you, have you ever thought about this kind of attack method on your software?


If you like this content, push the like button, that helps spread the message. 👍🏼
If you think it can be useful to anyone in your network, share it. 📨


Video produced by Wild & Secure, your consulting firm to all things security and real estate.
If you want to receive weekly quality content about security, subscribe to our newsletter on our website.

Discussion (0)