
PyTorch dependency poisoned with malicious code
2023-01-04 14:00

An unknown attacker used the PyPI code repository to get developers to download a compromised PyTorch dependency that included malicious code designed to steal system data.

Developers who last week downloaded the nightly builds of the open source PyTorch framework also unknowingly installed a malicious version of the torchtriton dependency found in the Python Package Index, according to PyTorch's maintainers.

The dependency confusion attack involved uploading a malware-laced copy of torchtriton, a legitimate dependency, to PyPI, an online repository of packages for Python developers.

The compromised torchtriton package came with the same name as the one PyTorch maintainers ship on the PyTorch nightly package index.

"This design enables somebody to register a package by the same name as one that exists in a third party index, and pip will install their version by default. This malicious package has the same name torchtriton but added in code that uploads sensitive data from the machine."

The PyTorch maintainers have taken several steps to fix the issue, including removing torchtriton as a dependency for the nightly packages and replacing it with pytorch-triton.
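A defender-side check for the condition described above, added here as an example (it is not code from PyTorch or from the article): it flags requirements that are expected to come from a third-party index but are installed with `--extra-index-url` and no hash pin, which leaves a same-named PyPI upload eligible for installation. The index URL, the `internal_tool` package and the function names are constructed for illustration.

```python
import re

NAME_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")

# Constructed sample requirements file; the index URL is a placeholder.
SAMPLE = """\
# constructed sample
--extra-index-url https://nightly.example.invalid/simple
torch
TorchTriton>=2.0
requests==2.28.1
internal_tool==1.0 --hash=sha256:<placeholder>
"""


def normalize(name):
    # PEP 503: runs of "-", "_" and "." are equivalent and case is ignored,
    # so "Torch_Triton" and "torch-triton" name the same project.
    return re.sub(r"[-_.]+", "-", name).lower()


def audit(requirements_text, third_party_names):
    """Return (line_number, package) for each requirement that should come
    from a third-party index but could be satisfied by a same-named upload
    on the default index."""
    expected = {normalize(n) for n in third_party_names}
    mixes_indexes = False
    entries = []
    for lineno, raw in enumerate(requirements_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("--extra-index-url"):
            # pip then gathers candidates from every configured index.
            mixes_indexes = True
            continue
        match = NAME_RE.match(line)  # option lines start with "-" and do not match
        if match:
            entries.append((lineno, normalize(match.group(1)), "--hash=" in line))
    if not mixes_indexes:
        return []
    # A hash pin limits installation to a known artifact, so it is not flagged.
    return [(n, name) for n, name, hashed in entries
            if name in expected and not hashed]


if __name__ == "__main__":
    for lineno, package in audit(SAMPLE, ["torchtriton", "internal-tool"]):
        print(f"line {lineno}: {package} can be shadowed by a same-named upload")
```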


News URL

https://go.theregister.com/feed/www.theregister.com/2023/01/04/pypi_pytorch_dependency_attack/