A Novel Software Supply Chain Attack Exploiting Java Packaging Order
Maven-Hijack is a sophisticated software supply chain attack that exploits the order in which Maven packages dependencies and how the Java Virtual Machine resolves classes at runtime. By injecting a malicious class with the same fully qualified name as a legitimate one into a dependency that is packaged earlier, an attacker can silently override core application behavior without modifying the main codebase or library names.
Exploits Maven's depth-first search packaging order and Java's classpath resolution mechanism.
Successfully demonstrated on the Corona-Warn-App, gaining control over database connection logic.
Identify a target application with two key dependencies: a 'gadget' dependency (containing the class to be hijacked) and an 'infection' dependency (which can be compromised).
Inject a malicious class with the same fully qualified name as the legitimate class into the infection dependency. This dependency must appear earlier in Maven's packaging order.
At runtime, the Java class loader loads the first matching class it finds in the classpath. The malicious class from the infection dependency is loaded instead of the legitimate one from the gadget dependency.
The attack was successfully demonstrated on Germany's coronavirus tracking application, which uses Spring Boot for its backend services.
Enforces that all classes belonging to a specific Java package must be loaded from the same archive.
Limitation: Can be bypassed if attacker includes a fully self-contained copy of the original package.
Java 9+ module system detects package collisions and fails the build process with a compilation error.
Limitation: Low adoption rate (only ~1.7% of Maven Central artifacts use modules).
When configured with banDuplicateClasses, it stops the build if duplicate classes are found.
Recommendation: Most practical and effective defense for current Java projects.
While Maven-Hijack is primarily designed for Maven, similar attacks are possible on Gradle, though significantly more challenging:
The attack is still feasible but requires the infection dependency to be at the same level as the gadget dependency and appear before it in the classpath.