Hackers Hijack Popular AI Library to Mine Crypto, Infecting Thousands of Python Users

Hackers Hijack Popular AI Library to Mine Crypto, Infecting Thousands of Python Users

Python AI Library Ultralytics Compromised in Supply Chain Attack

Two versions of the popular Python AI library Ultralytics (8.3.41 and 8.3.42) were discovered to contain malicious code that deployed cryptocurrency mining software. The compromised versions have been removed from the Python Package Index (PyPI) repository, with a new secure version now available.

Project maintainer Glenn Jocher confirmed the security breach, which was initially detected when users reported unusual CPU activity during library installation. The attack targeted the build environment, specifically exploiting a vulnerability in GitHub Actions Script Injection, as identified by security researcher Adnan Khan.

The sophisticated attack occurred after code review, creating a disparity between the PyPI-published code and the GitHub repository. The malicious pull requests came from a GitHub account “openimbot,” claiming association with OpenIM SDK.

The compromise deployed XMRig, a cryptocurrency mining software, though security experts warn that more dangerous payloads like backdoors or RATs could have been implemented. ComfyUI, which depends on Ultralytics, has updated its manager to alert users of the compromised versions.

Users are strongly advised to update to the latest version of Ultralytics, which includes enhanced security measures for the publication workflow.

Share This Article