pytorch
PyTorch nightly builds compromised via malicious dependency
PyTorch nightly builds were compromised when a malicious torchtriton package was uploaded to PyPI and won dependency resolution over the intended internal package. The poisoned dependency executed during installation, exfiltrating sensitive build environment data and showing how one namespace collision can bend a trusted ML build.
- Date
- 2022-12-25 to 2022-12-30
- Category
- Open Source
- Target Surface
- Package registry
- Insertion Phase
- dependency
- Impact
- Data Exfiltration
- Cause
- Malicious Dependency
What Was Affected
Package
pytorch
LanguagePython
ComponentLibrary
Artifact typesource archive
Domain typepackage host
Domain
pypi.org
Repository
github.com/pytorch/pytorch
Compromised Versions
Incident Context
- Motive
- Credential Theft
- Attribution
- Individual Hacker
- Transitive
- Yes
- Observed Duration
- 5 days
Evidence
Compromised Artifacts
Current Artifacts and Analysis
Indicators and Changes
Hashes
sha256:919118939367690c239923b9748520c261503865094823459177886619378916
External References
Source Data
Source record: oss/pytorch/meta.yaml