A recent cybersecurity investigation has uncovered that the ultralytics AI library was compromised, resulting in the distribution of a cryptocurrency mining program.
Compromise Details
According to ReversingLabs, the breach stemmed from a vulnerable GitHub Actions script within the library’s build environment. This particular vulnerability allowed attackers to inject malicious code, enabling them to deploy the XMRig cryptocurrency miner through version 8.3.41 of ultralytics on the Python Package Index (PyPI) as of December 4. The attackers adopted an advanced strategy to insert harmful code, circumventing normal code review procedures. ReversingLabs noted, “Unlike the recent npm @solana/web3.js incident linked to a maintainer account breach, this exploit involved a sophisticated vector through a known GitHub Actions Script Injection.”
Method of Attack
Security researcher Adnan Khan had previously highlighted the vulnerability exploited in this breach. The attackers crafted pull requests whose branch names carried embedded malicious code, which then executed as arbitrary commands within the build environment.
Potential Impact
With over 30,000 stars on GitHub and approximately 60 million downloads on PyPI, the ultralytics library commands a significant user base. The severity of the situation increased when a corrective release, version 8.3.42, also contained the same malicious payload. A secure version, 8.3.43, was finally pushed out later the same day. While the attack primarily focused on installing a cryptocurrency miner, researchers expressed concerns that the technique could have been used to deploy more dangerous malware, such as backdoors or remote access Trojans. The attack specifically targeted the files downloads.py and model.py to determine system conditions and execute targeted payloads.
Suspected Origins
The attack was traced back to a GitHub account known as openimbot, which exhibited suspicious activity indicative of a potential account takeover. By embedding malicious code in branch names, the attackers unlocked a means to manipulate the build environment via crafted pull requests. For related insights on software supply chain risks, see the latest analysis by the Cybersecurity and Infrastructure Security Agency (CISA).
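The injection pattern described under Method of Attack and Suspected Origins can be checked for in a repository's own workflows. The following is an added example, not code from ReversingLabs, Adnan Khan or the ultralytics project: it flags pull-request-controlled contexts, such as the branch name, when they are expanded inside a run: script. The function name, the context list and the sample workflow are constructed for illustration.

```python
import re

# Pull-request-controlled contexts (a subset of the untrusted inputs named in
# GitHub's Actions security hardening guidance; this list is an assumption).
UNTRUSTED = re.compile(
    r"\$\{\{\s*(github\.head_ref"
    r"|github\.event\.pull_request\.head\.(?:ref|label)"
    r"|github\.event\.pull_request\.(?:title|body))\s*\}\}"
)
RUN_KEY = re.compile(r"^\s*(?:-\s+)?run:\s*(.*)$")

# Constructed sample workflow, not taken from any real repository.
SAMPLE = """\
on: pull_request_target
jobs:
  format:
    runs-on: ubuntu-latest
    steps:
      - name: Unsafe, expression expanded into the script text
        run: |
          git fetch origin
          git checkout ${{ github.head_ref }}
      - name: Safer, value passed as data through env
        env:
          HEAD_REF: ${{ github.head_ref }}
        run: |
          git checkout "$HEAD_REF"
      - run: echo "PR ${{ github.event.pull_request.title }}"
"""

def find_injectable(workflow_text):
    """Return (line_number, context) pairs for untrusted expressions in run: scripts."""
    findings, block_col = [], None  # block_col: column of an open "run: |" key
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        indent = len(line) - len(line.lstrip())
        match = RUN_KEY.match(line)
        if block_col is not None and (not line.strip() or indent > block_col):
            script = line  # still inside the multi-line script
        elif match and match.group(1)[:1] in ("|", ">"):
            block_col, script = line.index("run:"), ""  # script starts on next line
        elif match:
            block_col, script = None, match.group(1)  # single-line script
        else:
            block_col, script = None, ""  # any other key ends the block
        findings += [(number, m.group(1)) for m in UNTRUSTED.finditer(script)]
    return findings

for number, context in find_injectable(SAMPLE):
    print(f"line {number}: {context} is expanded inside a run script")
```

The second step of the sample is not flagged: passing the value through env: and quoting the shell variable keeps the branch name as data rather than script text.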