:strip_exif()/i/2004648156.jpeg?fit=%2C&ssl=1)
The developers of the PyTorch machine learning framework are warning users that an infected and counterfeit library has been posted online. It would steal technical information from an infected system. The addiction would have been downloaded 2300 times.
Write the developers of the widely used open source machine learning framework in a blog post that an infected binary was uploaded by the attackers in the last week of the year. It’s about the PyTorch library torchtriton, which is automatically installed with the nightly release for Linux. The developers warn anyone who downloaded PyTorch-nightly via pip between December 25th and 30th to uninstall it immediately. Now a new binary file has been released which does not contain the infected library.
During that time, the attackers uploaded an infected version of torchtriton to the Python package index. That PyPI always looks at the first package loaded with a given name; if an attacker uploads an infected package, it will be included in a pip download first. It will also be one addiction confusion although such attacks are relatively rare.
In practice, this means that everyone who downloaded PyTorch nightlybinary during the week in question did not install the genuine torchtriton dependency, but the infected one. That malware could steal data from the infected system. This included information from /etc/passwd and possible ssh keys. Information with which devices can be fingerprinted is also stolen.
PyTorch developers have temporarily removed torchtriton from the nightlypackage and are in contact with PyPI to remove the malware from the binary. They also shared a SHA256 hash and described a way to check if user systems are infected.
