In yet another attack on the software supply chain, two versions of the popular Python artificial intelligence (AI) library called ultralytics were compromised to supply a cryptocurrency miner.
Versions 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. And after released version released a security patch that “ensures a secure publishing workflow for the Ultralytics package.”
Project maintainer Glen Jocher confirmed on GitHub that the two versions were infected by injecting malicious code into the PyPI deployment process after reports arose that the installation of the library resulted in a a sudden spike in CPU usagesign of cryptocurrency mining.
The most notable aspect of the attack is that the attackers managed to compromise the build environment associated with the project to insert unauthorized modifications after the code validation phase was completed, leading to inconsistencies in the source code published on PyPI and the GitHub repository itself.
“In this case, the intrusion into the build environment was achieved with a more sophisticated vector, by using the well-known GitHub Actions Script Injection,” – Carla Zankey of ReversingLabs. saidadding the problem to “ultralytics/actions” was marked with a flag security researchers Adnan Khanaccording to a recommendation published in August 2024.
This could allow a threat actor to create a malicious pull request and enable the extraction and execution of the payload on macOS and Linux systems. In this case, pull requests created from a GitHub account named open passionwhich claims to be associated with OpenIM SDK.
ComfyUI, which has Ultralytics as one of its dependencies, said he updated the ComfyUI manager to warn users if they are using one of the malicious versions. Users of the library are advised to update it to the latest version.
“It appears that the malicious payload was simply an XMRig miner, and that the malicious functionality was aimed at mining cryptocurrency,” Zankey said. “But it’s not hard to imagine the potential impact and damage there could be if threat actors decide to install more aggressive malware, such as backdoors or remote access trojans (RATs).”
