Given that these malicious images seem esoteric (only a few hundred downloads), is this even a threat? Most companies have private mirrors that protect against such attacks.
what baffles me is that every time i see a mention of malicious images, the comments are always along the lines of "nobody would ever use these random images" and "isn't this why companies usually have private mirrors?".
then i go to work and i spend the majority of my week asking questions like "where is the dockerfile for this jimbob/diffusers image you're basing your work on?" or exhaust political capital on convincing leadership that it's worth our time to vendor all our dockerfiles from `scratch` up, and regularly rebuild them in ci vs just pulling them from dockerhub.
all the "if you use common sense you're fine" posts don't match my experiences in helping numerous companies un-fuck their container infrastructure
I agree. People tend to search for variations of "$application docker" to see if there's an existing image they can reuse. People also tend to associate search engine ranking with credibility (a big reason why ads disguised as results taking the top places is unethical, but I digress), which means that a threat actor could easily get people to use a malicious image if they write a blog post or guide and boost it with SEO.
Unless you have access to unambiguously official images, like from Red Hat, most images are "random". There are tons of popular non-official images maintained by random organizations or people (e.g., bitnami, LinuxServer) that you just have to trust.
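A sketch of the kind of CI check the vendoring comment above implies, as an added example that is not code from anyone in the thread: it reads a Dockerfile's `FROM` lines and flags bases that come from outside a registry you build into, or that are not pinned by digest. The registry name `registry.internal.example`, the function names and the sample Dockerfile are all constructed for illustration.

```python
import re

# Assumption: the registries this organisation builds into (hypothetical name).
TRUSTED_REGISTRIES = {"registry.internal.example"}

FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)(?:\s+AS\s+(\S+))?", re.I)

def registry_of(ref):
    """Return the registry host of an image reference (docker.io when implicit)."""
    first, sep, _ = ref.partition("/")
    # The first path component is a host only if it has '.' or ':' or is localhost.
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def audit_dockerfile(text):
    """Return (line_no, image, reason) for every FROM that uses an unvetted base."""
    findings, stages = [], set()
    for n, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image, alias = m.group(1), m.group(2)
        # 'scratch' and earlier build stages are not pulled from any registry.
        is_local = image == "scratch" or image.lower() in stages
        if alias:
            stages.add(alias.lower())
        if is_local:
            continue
        if "$" in image:
            findings.append((n, image, "base set by a build ARG, cannot be checked statically"))
        elif registry_of(image) not in TRUSTED_REGISTRIES:
            findings.append((n, image, f"pulled from {registry_of(image)}, not a trusted registry"))
        elif "@sha256:" not in image:
            findings.append((n, image, "tag is mutable, pin by digest"))
    return findings

# Constructed sample input; the digest is a placeholder of zeros.
DIGEST = "sha256:" + "0" * 64
SAMPLE = f"""\
FROM jimbob/diffusers:latest AS model
FROM registry.internal.example/base/python:3.12 AS build
FROM registry.internal.example/base/python@{DIGEST} AS runtime
COPY --from=build /app /app
FROM model
FROM scratch
"""

if __name__ == "__main__":
    for line_no, image, reason in audit_dockerfile(SAMPLE):
        print(f"line {line_no}: {image}: {reason}")
```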