
PyTorch Machine Learning Framework Compromised with Malicious Dependency

by crpt os


Jan 02, 2023 | Ravie Lakshmanan | Supply Chain / Machine Learning

The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December 25, 2022, and December 30, 2022, to uninstall and download the latest versions following a dependency confusion attack.

“PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index (PyPI) code repository and ran a malicious binary,” the PyTorch team said in an alert over the weekend.

PyTorch, analogous to Keras and TensorFlow, is an open source Python-based machine learning framework that was originally developed by Meta Platforms.

The PyTorch team said that it became aware of the malicious dependency on December 30, 4:40 p.m. GMT. The supply chain attack entailed uploading a malicious version of a legitimate dependency named torchtriton to the Python Package Index (PyPI) code repository.

Because package managers like pip check public code registries such as PyPI for a package before private registries, the fraudulent module was installed on users’ systems instead of the genuine version hosted on PyTorch’s own third-party index.

The rogue version, for its part, is engineered to exfiltrate system information, including environment variables, the current working directory, and host name, in addition to reading the following files:

  • /etc/hosts
  • /etc/passwd
  • The first 1,000 files in $HOME/*
  • $HOME/.gitconfig
  • $HOME/.ssh/*

In a statement shared with Bleeping Computer, the owner of the domain to which the stolen data was transmitted claimed it was part of an ethical research exercise and that all the data has since been deleted.

As mitigations, torchtriton has been removed as a dependency and replaced with pytorch-triton. A dummy package has also been registered on PyPI as a placeholder to prevent further abuse.
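The two paragraphs above describe the resolution problem (a public PyPI name shadowing a package that should come from PyTorch’s own index) and the mitigation. The following added example, written for this page and not code from the PyTorch project, shows a defender-side check: it audits a `pip install --report` JSON document and flags any package that was downloaded from a host other than the index it is expected to come from, then emits hash-pinned requirement lines (for `pip install --require-hashes`) for the packages that resolved correctly. The report document, the `TRUSTED_SOURCE` policy, the version strings and the hashes are all constructed for illustration; they are not the real artefacts from the incident.

```python
"""Audit a pip installation report for dependency-confusion symptoms.

Added example (not PyTorch's code). `pip install --report FILE` (pip 22.2+)
writes a JSON document listing every installed distribution together with
the URL it was downloaded from; we use that URL to verify provenance.
"""
import json
from urllib.parse import urlparse

# Constructed policy: which index host each private/nightly package must be
# served from. The article states the real torchtriton lives under
# download.pytorch.org, so both packages are bound to that host.
TRUSTED_SOURCE = {
    "torch": "download.pytorch.org",
    "torchtriton": "download.pytorch.org",
}

# Constructed sample report (placeholder versions, URLs and hashes) in the
# shape pip's installation report uses: the second entry shows the name
# being resolved from public PyPI instead of the expected index.
SAMPLE_REPORT = json.dumps({
    "version": "1",
    "pip_version": "22.3",
    "install": [
        {
            "metadata": {"name": "torch", "version": "0.0.0+placeholder"},
            "download_info": {
                "url": "https://download.pytorch.org/whl/nightly/torch-placeholder.whl",
                "archive_info": {"hashes": {"sha256": "0" * 64}},
            },
            "requested": True,
        },
        {
            "metadata": {"name": "torchtriton", "version": "0.0.0+placeholder"},
            "download_info": {
                "url": "https://files.pythonhosted.org/packages/placeholder/torchtriton-placeholder.whl",
                "archive_info": {"hashes": {"sha256": "f" * 64}},
            },
            "requested": False,
        },
    ],
})


def find_shadowed(report_json, trusted_source=TRUSTED_SOURCE):
    """Return (name, version, host) for every package bound to a trusted
    index in the policy that was actually downloaded from somewhere else."""
    report = json.loads(report_json)
    findings = []
    for item in report.get("install", []):
        name = item["metadata"]["name"].lower()
        version = item["metadata"]["version"]
        host = urlparse(item["download_info"]["url"]).hostname or ""
        expected = trusted_source.get(name)
        if expected is not None and host != expected:
            findings.append((name, version, host))
    return findings


def hash_pins(report_json, trusted_source=TRUSTED_SOURCE):
    """Emit `name==version --hash=sha256:...` lines for packages whose
    provenance matched policy. Flagged packages are deliberately left out:
    they must be investigated (see find_shadowed), never locked in."""
    flagged = {name for name, _, _ in find_shadowed(report_json, trusted_source)}
    report = json.loads(report_json)
    lines = []
    for item in report.get("install", []):
        name = item["metadata"]["name"]
        if name.lower() in flagged:
            continue
        version = item["metadata"]["version"]
        sha = item["download_info"]["archive_info"]["hashes"]["sha256"]
        lines.append(f"{name}=={version} --hash=sha256:{sha}")
    return lines


if __name__ == "__main__":
    for name, version, host in find_shadowed(SAMPLE_REPORT):
        print(f"WARNING: {name} {version} was served by {host}, not the trusted index")
    print("\n".join(hash_pins(SAMPLE_REPORT)))
```

Run against a real report produced by `pip install --report report.json -r requirements.txt`, the check reports any package that pip resolved from an unexpected host; feeding the pinned lines back in with `pip install --require-hashes -r pinned.txt` then makes later installs fail closed on any artefact whose content differs, regardless of which index happened to answer.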

“This is not the real torchtriton package but uploaded here to discover dependency confusion vulnerabilities,” reads a message on the PyPI page for torchtriton. “You can get the real torchtriton from https://download.pytorch[.]org/whl/nightly/torchtriton/.”

The development also comes as JFrog disclosed details of another package known as cookiezlog that has been observed utilizing anti-debugging techniques to resist analysis, marking the first time such mechanisms have been incorporated in PyPI malware.






