These last few weeks, I've been working on a problem that had plaintext credentials in the equation. Working on the security and design side of things reminded me of some news I saw a month or two ago about a credential-stealing worm.

At first, this video was going to be a comprehensive guide to securing against this worm, but the more I read about it, the clearer it became that the cloud credentials are only part of the puzzle, and there's not a lot a single dev or a small organisation can do to be ready for attacks like this. And obviously, I've become more paranoid since.

So, instead of a comprehensive guide, let's just talk about Shai-Hulud, the Old Man of the Desert.

What Shai-Hulud is

Shai-Hulud is malware that behaves like a worm: it wreaks havoc and replicates itself at the same time. Despite its behaviour, I really like the name; Dune is one of my favourite sci-fi universes, and I'm even going through the prequels and sequels these days.

Unfortunately, the name is the only thing to adore about this situation. For me, it's one of the scariest things in existence. The worm targets local developer environments, and it has a very real chance of getting in through trusted, established libraries that developers already depend on.

Let's go to the whiteboard for a minute, explore this worm, and see the destructive beauty of its design.

excalidraw session

Supply Chain Attacks

Surviving Shai-Hulud, Wormriding