Threat Detection

Dependency Confusion Detection

Attackers register packages on public registries using names that match a company's internal packages. Package managers then install the public version instead of the private one, executing malicious code in your build environment.

Get Protected Read the Docs

How Dependency Confusion Works

Dependency confusion exploits the way package managers resolve package names. When a project depends on company-utils-internal, the package manager checks both the private registry and the public registry. If an attacker publishes company-utils-internal on the public registry with a higher version number (e.g., v999.0.0), many package managers will prefer the public version.

This attack was famously demonstrated by Alex Birsan in 2021, who used it to gain code execution at Apple, Microsoft, PayPal, and dozens of other companies. The technique requires no social engineering — just knowledge of an organization's internal package names, which are often discoverable through open-source code, error messages, or job postings.

How Hextrap Detects It

Hextrap monitors every newly published package for naming patterns that indicate dependency confusion attempts:

  • Internal-looking names: Packages containing -internal, -private, -corp, -dev, or company-specific suffixes/prefixes
  • Suspicious version numbers: First versions published at v99.0.0 or higher, especially when combined with internal-looking names
  • No legitimate metadata: Missing documentation, homepage, or repository links combined with naming red flags

When a dependency confusion signal is raised, the firewall blocks the package and logs the event for review.

Defense Strategies

While Hextrap's automated detection catches many dependency confusion attempts, the strongest defense is an allow list. By specifying exactly which packages your team is permitted to install, any attacker-published package — regardless of its name — is blocked by default.

For organizations using private registries, configuring your package manager to route through Hextrap ensures that even if an attacker publishes a public package with the same name, the firewall evaluates it against your security policies before it can be installed.

HIGH Severity
Signal Type
DEPENDENCY_CONFUSION
Detection Phase
Phase 1 (Inline)
Registries
PyPI, npm, Go
Method
Naming pattern analysis + version heuristics

Real-World Example

$ npm install company-utils-internal

ERROR: Package blocked by Hextrap
Reason: Dependency confusion
  Name: company-utils-internal
  Version: 999.0.0 (first publish)
  Signal: DEPENDENCY_CONFUSION (HIGH)

Stop Dependency Confusion Attacks

Combine allow lists with automated detection for complete protection

Get Started See All Threat Signals