One-fifth of Docker Hub repositories are malicious, researchers find


Nearly three million repositories on Docker Hub, a platform for web developers to collaborate on their code for web applications, contain malicious content, security researchers at JFrog have found.

Malicious actors plant millions of repositories without any images, that do, however, contain malicious metadata. This can range “from simple spam that promotes pirated content to extremely malicious entities such as malware and phishing sites, uploaded by automatically generated accounts.”

Docker Hub is a cloud-based repository for container images, offering both public and private storage and collaboration solutions.

A repository contains text descriptions and metadata on top of the container data. A public repository also acts as a community platform, it allows users to search and discover images for their projects.

Malicious actors quickly realized they could exploit the documentation features to deceive users into visiting malicious websites.

The JFrog researchers found that 4.6 million, or 30% of all public repositories were imageless. They also revealed that 2.81 million repositories could be linked to three large-scale malware campaigns operating on Docker Hub:

  • The “Downloader” campaign uses fake URL shorteners to redirect users to malware downloads. 9,309 users created 1,453,228 such repositories or 9.7% of all repositories on Docker Hub.
  • The “eBook Phishing” campaign promises free eBooks with randomly generated descriptions but instead steals users' credit card information and enrolls users in costly subscriptions. 1,042 users created 1,069,160 such repositories or 7.1% of all repositories on Docker Hub.
  • The “Website SEO” campaign has no clear goal, as the content of repositories is mostly harmless. Only one repository was created per user. Random phrases without any other information were likely used to boost SEO. 194,699 users created 215,451 repositories (1.4%).

Some of the malicious repositories were active for more than three years.

“The Docker security team quickly removed all of the malicious and unwanted repositories from Docker Hub,” the report reads.

Users are advised to prefer Docker images marked as trusted content, which is curated and maintained by reputable sources. The “Docker Official Image” tag means the repositories are maintained by well-known software development foundations, organizations, and companies, such as Python, Ubuntu, and Node.

The “Verified Publisher” tag marks repositories that are part of the Docker Verified Publisher Program. The “Sponsored OSS” tag is assigned to open-source projects sponsored by Docker Hub.

The Cybernews research team previously discovered that thousands of repositories on Docker Hub also contain tokens, API keys and other secrets exposing sensitive information.