- A PyPI package for an AI model was compromised and used to deliver malware
- Victims ended up installing XMRig, a popular crypto miner
- The attack has since been addressed, but users were warned to be on their guard.
Ultralytics YOLO11, an artificial intelligence model for computer vision and object detection, was compromised in an apparent supply chain attack and used to deploy malware on victims' devices.
The attack was confirmed by the company's founder, who also said that the incident was fixed and the malicious version was removed. However, it seems that new malicious versions have reappeared.
YOLO11 (short for You Only Look Once) is an AI model designed for real-time computer vision tasks such as identifying objects, analyzing images, and detecting poses. The service is quite popular: it has been featured over 30,000 times, forked on GitHub over 6,000 times, and has hundreds of thousands of downloads a day.
Newer attacks
An unidentified threat actor recently broke into the account and uploaded two versions: 8.3.41 and 8.3.42. Those who upgraded to these versions, either directly or through a dependency, ended up with a cryptocurrency miner on their devices.
The installed miner is called XMRig and is by far the most popular cryptojacker out there. XMRig is known for generating Monero (XMR), a privacy-oriented currency that is difficult to trace.
Ultralytics founder and CEO Glenn Jocher confirmed the attack and said it had been fixed: “We confirm that Ultralytics versions 8.3.41 and 8.3.42 were compromised by a malicious code injection targeting cryptocurrency mining. Both versions were immediately removed from PyPI,” Jocher posted on GitHub. “We have released version 8.3.43 which addresses this security issue. Our team is conducting a full security audit and implementing additional security measures to prevent similar incidents.”
However, over the weekend BleepingComputer said there were reports from users of even newer versions, 8.3.45 and 8.3.46, which were “trojanized.” At the time of this post, GitHub shows 8.3.48 as the newest version.
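Because the bad releases could arrive "directly or through a dependency", a pin check needs to look at version ranges, not just exact pins. The following is an added example, not code from the article or from Ultralytics: it reports every line of a requirements file whose specifier would admit one of the versions named above. It assumes plain numeric versions only, and the sample file is constructed.

```python
import re

# Named in the article: 8.3.41/8.3.42 confirmed compromised, 8.3.45/8.3.46 reported.
BAD = ["8.3.41", "8.3.42", "8.3.45", "8.3.46"]
REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
CLAUSE = re.compile(r"^(===|==|~=|!=|<=|>=|<|>)\s*(\d+(?:\.\d+)*)(\.\*)?$")

def _clause_ok(op, ref, wildcard, v):
    width = max(len(v), len(ref))
    a, b = v + (0,) * (width - len(v)), ref + (0,) * (width - len(ref))
    if wildcard:  # ==8.3.* and !=8.3.* are prefix matches
        return (v[:len(ref)] == ref) == (op == "==")
    if op == "~=":  # compatible release: same prefix, not older
        return a >= b and v[:len(ref) - 1] == ref[:-1]
    return {"==": a == b, "===": a == b, "!=": a != b, "<=": a <= b,
            ">=": a >= b, "<": a < b, ">": a > b}[op]

def allows(spec, version):
    """True if the comma-separated specifier set admits `version`."""
    v = tuple(map(int, version.split(".")))
    for clause in filter(None, (c.strip() for c in spec.split(","))):
        m = CLAUSE.match(clause)
        if not m:
            return True  # unparsed form (URL, pre-release tag): review by hand
        ref = tuple(map(int, m.group(2).split(".")))
        if not _clause_ok(m.group(1), ref, m.group(3), v):
            return False
    return True

def audit(requirements_text, package="ultralytics"):
    """Return (line_no, line, bad_versions_admitted) for each risky line."""
    findings = []
    for n, line in enumerate(requirements_text.splitlines(), 1):
        m = REQ.match(line)
        if m and re.sub(r"[-_.]+", "-", m.group(1)).lower() == package:
            hits = [bad for bad in BAD if allows(m.group(2).strip(), bad)]
            if hits:
                findings.append((n, line.strip(), hits))
    return findings

SAMPLE = """\
ultralytics==8.3.41
Ultralytics[export]>=8.3.0,<8.3.45 ; python_version >= "3.8"
ultralytics~=8.3.43
ultralytics==8.3.43
"""  # constructed input; 8.3.43 is the release the article names as the fix

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

An unpinned `ultralytics` line is reported with all four versions, since an empty specifier excludes none of them.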
Via BleepingComputer