Roll Back and Block the Compromised Release
Prevent further distribution and execution of the compromised release while preserving evidence for analysis. Pin clean versions, quarantine compromised binaries, freeze CI/CD pipelines that could redeploy the bad version, and revoke signing material used maliciously.
Actions
1. Pin safe-version constraints in package manifests: npm (`"pkg": "<version-safe>"` with lockfile update), pip requirements, Go modules `replace` directives; commit lockfile updates and block merges that revert.
2. Publish internal proxy/repo denylist for the malicious version(s): JFrog Artifactory `excluded patterns`, Nexus routing rules, internal PyPI mirror blocklists, npm registry `deprecate` of tenant-mirrored copies.
3. Freeze CI/CD pipelines that may redeploy infected containers: disable auto-deploy on affected repos; add a temporary admission check that rejects images built from the malicious release window.
4. For image-based deployments: list and stop running containers whose image digest matches the known-bad build; cordon and drain Kubernetes nodes that scheduled known-bad workloads.
5. If signing material was attacker-controlled, revoke the signing key/certificate (code-signing CA revocation, Cosign key rotation, Authenticode certificate revocation) and publish the revocation through internal and external channels.
6. Block IoC C2 infrastructure at the firewall, proxy, and DNS layer; add the hashes/domains to EDR custom IoC feeds.
Queries
DeviceProcessEvents | where SHA256 in~ (<malicious-hashes>) | project Timestamp, DeviceName, AccountName, ProcessCommandLine | summarize by DeviceName
kubectl get pods -A -o json | jq '.items[] | select(any(.spec.containers[]; .image | contains("<bad-image-digest>"))) | {ns:.metadata.namespace, name:.metadata.name}'
index=artifactory action=download artifact="<compromised-pkg>" version IN (<bad-versions>) earliest=<release-ts> | stats count by user, repo, build_id
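Added example (not part of the original playbook): the kubectl query above only sees the image string in the pod spec, so a pod deployed by tag is missed even when it runs the bad build. This Python sketch also checks the resolved `imageID` in container statuses and covers init and ephemeral containers; `find_bad_pods`, the registry names and the digests are constructed for illustration.

```python
import json
import sys

# Manifest image strings live under spec; runtime-resolved digests under status.
SPEC_KEYS = ("containers", "initContainers", "ephemeralContainers")
STATUS_KEYS = ("containerStatuses", "initContainerStatuses", "ephemeralContainerStatuses")


def find_bad_pods(pod_list, bad_digests):
    """Return sorted (namespace, pod, container, source) hits for known-bad digests."""
    bad = {d.lower() for d in bad_digests if d}
    hits = set()
    for pod in pod_list.get("items", []):
        meta = pod.get("metadata") or {}
        ns, name = meta.get("namespace", ""), meta.get("name", "")
        spec, status = pod.get("spec") or {}, pod.get("status") or {}
        refs = [(c.get("name", ""), "spec.image", c.get("image") or "")
                for key in SPEC_KEYS for c in spec.get(key) or []]
        refs += [(s.get("name", ""), "status.imageID", s.get("imageID") or "")
                 for key in STATUS_KEYS for s in status.get(key) or []]
        for cname, source, ref in refs:
            if any(d in ref.lower() for d in bad):
                hits.add((ns, name, cname, source))
    return sorted(hits)


# Constructed sample shaped like `kubectl get pods -A -o json`; digests are placeholders.
BAD = "sha256:" + "a" * 64
GOOD = "sha256:" + "b" * 64
SAMPLE = {"items": [
    {"metadata": {"namespace": "prod", "name": "api-1"},  # deployed by tag, runs bad build
     "spec": {"containers": [{"name": "api", "image": "registry.example/api:1.4.2"}]},
     "status": {"containerStatuses": [
         {"name": "api", "imageID": "registry.example/api@" + BAD}]}},
    {"metadata": {"namespace": "prod", "name": "web-1"},  # clean workload
     "spec": {"containers": [{"name": "web", "image": "registry.example/web:2.0"}]},
     "status": {"containerStatuses": [
         {"name": "web", "imageID": "registry.example/web@" + GOOD}]}},
    {"metadata": {"namespace": "ci", "name": "job-1"},  # pending; bad init container pinned by digest
     "spec": {"initContainers": [{"name": "setup", "image": "registry.example/tool@" + BAD}],
              "containers": [{"name": "main", "image": "registry.example/main@" + GOOD}]},
     "status": {}},
]}

if __name__ == "__main__":
    # Usage: kubectl get pods -A -o json | python3 find_bad_pods.py sha256:<bad-image-digest>
    data = json.load(sys.stdin) if len(sys.argv) > 1 else SAMPLE
    for hit in find_bad_pods(data, sys.argv[1:] or [BAD]):
        print("\t".join(hit))
```

Run without arguments it scans the constructed sample; with one or more digests as arguments it reads the pod list from stdin.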
Notes
Do not silently delete the malicious artifact from internal registries -- mark it as blocked and preserve a forensic copy in a chain-of-custody container for later analysis.
Signing-material revocation may break unrelated legitimate workloads; coordinate with platform engineering before pulling the trigger.
Attackers sometimes ship the malicious code only when a post-install hook runs; blocking install is necessary but not sufficient -- also hunt for already-installed artifacts.