Security researchers discovered that two versions of the popular Python AI library Ultralytics were compromised to distribute cryptocurrency mining malware. The affected versions 8.3.41 and 8.3.42 have been removed from the Python Package Index (PyPI) repository.
Users reported unusual spikes in CPU usage after installing these versions, which led to the discovery of unauthorized cryptocurrency mining code. Glenn Jocher, the project maintainer, confirmed on GitHub that malicious code had been injected into the PyPI deployment workflow.
The attackers employed a sophisticated cyber attack to breach the build environment, exploiting a known vulnerability in GitHub Actions Script. This allowed them to modify the code after the review process, creating a mismatch between the PyPI package and the GitHub repository code.
The malicious pull requests came from a GitHub account called "openimbot" claiming association with OpenIM SDK. The injected code deployed XMRig, a cryptocurrency mining program, though security experts warn that more dangerous malware could have been distributed through similar methods.
ComfyUI, which uses Ultralytics as a dependency, has updated its manager to alert users running compromised versions. A new version of Ultralytics has been released with enhanced security measures for the publication workflow.
Users are strongly advised to upgrade to the latest version of the library immediately. While this incident resulted in cryptocurrency mining, security researchers emphasize that similar attacks could potentially distribute more harmful malware like backdoors or remote access trojans.
The breach highlights ongoing security challenges in software supply chains and the need for robust protection measures in development workflows.