Summary:
On December 4, 2024, a malicious version (8.3.41) of the ultralytics AI library was published to PyPI; it contained code that downloaded the XMRig cryptocurrency miner. The project's build pipeline was compromised through a GitHub Actions script injection in one of its own workflows, turning the release process into a supply chain attack against a library with tens of millions of downloads. The first attempt at a fix, 8.3.42, still carried the malicious code; a clean build, 8.3.43, followed the same day.
#SupplyChainAttack #PythonPackage #MaliciousCode
Keypoints:
Malicious version 8.3.41 of the ultralytics AI library was published to PyPI on December 4, 2024.
The malicious package contained downloader code that fetched the XMRig coinminer.
The compromise was achieved through a GitHub Actions script injection in the project's own CI workflow: attacker-controlled pull-request data was interpolated into a shell step, so a crafted pull request could run arbitrary commands in the build environment.
Version 8.3.42, intended to fix the issue, still contained the malicious code.
A clean version, 8.3.43, was released on the same day to resolve the incident.
The incident had the potential to impact a large user base: the library has roughly 60 million downloads.
The attack vector was malicious pull requests whose crafted metadata caused the workflow to execute arbitrary code.
The GitHub account behind the attack, openimbot, had a history of inactivity before the incident.
Behavioral analysis of the package, comparing it with the previous release, revealed changes in specific files that indicated the presence of malicious code.
The malicious payload was aimed primarily at cryptocurrency mining.
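The script-injection pattern behind this compromise is easy to spot in a workflow file once you know what to look for: an attacker-controlled GitHub context (branch name, PR title, commit message, and so on) expanded with `${{ }}` directly inside a `run:` step, usually in a workflow triggered by `pull_request_target`, which runs with the base repository's secrets. The scanner below is an added example written for this page; it is not code from ReversingLabs or from the Ultralytics project. The sample workflow it scans is constructed to show the vulnerable pattern and a safe variant side by side; it is not the actual Ultralytics workflow. The list of untrusted contexts is taken from GitHub's own script-injection guidance and is not exhaustive.

```python
import re

# Contexts GitHub documents as attacker-controlled on pull_request / issue
# events (from GitHub's script-injection guidance; the list is not exhaustive).
UNTRUSTED_CONTEXTS = (
    r"github\.head_ref",
    r"github\.event\.pull_request\.head\.ref",
    r"github\.event\.pull_request\.head\.label",
    r"github\.event\.pull_request\.head\.repo\.default_branch",
    r"github\.event\.pull_request\.(?:title|body)",
    r"github\.event\.issue\.(?:title|body)",
    r"github\.event\.comment\.body",
    r"github\.event\.review\.body",
    r"github\.event\.head_commit\.message",
    r"github\.event\.head_commit\.author\.(?:name|email)",
    r"github\.event\.commits\.\*\.(?:message|author\.(?:name|email))",
    r"github\.event\.pages\.\*\.page_name",
)
UNTRUSTED_RE = re.compile("|".join(UNTRUSTED_CONTEXTS))
EXPR_RE = re.compile(r"\$\{\{(.*?)\}\}")
RUN_RE = re.compile(r"(?:-\s*)?run:\s*(.*)")


def triggers_on_pull_request_target(workflow_text):
    """True if the workflow uses pull_request_target, the trigger that runs a
    fork's pull request with the base repo's secrets and a write-capable token."""
    return re.search(r"\bpull_request_target\b", workflow_text) is not None


def find_script_injections(workflow_text):
    """Return (line_no, expression) for every ${{ }} expression that appears
    inside a `run:` step and references attacker-controlled data.

    Works on the raw text rather than a parsed YAML tree so that multi-line
    block scalars (`run: |`) are covered without needing a YAML library."""
    findings = []
    in_run, run_indent = False, 0
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if not stripped:
            continue
        m = RUN_RE.match(stripped)
        if m:                                   # start of a run: step
            in_run, run_indent = True, indent
            body = m.group(1)
        elif in_run and indent > run_indent:     # continuation of a block scalar
            body = stripped
        else:                                   # any other key ends the run: block
            in_run = False
            continue
        for expr in EXPR_RE.finditer(body):
            text = expr.group(1).strip()
            if UNTRUSTED_RE.search(text):
                findings.append((lineno, text))
    return findings


# Constructed sample: a pull_request_target workflow that expands the PR's
# branch name inside shell commands (lines 12-13), plus a safe step that
# passes the same value through an environment variable and quotes it.
SAMPLE_WORKFLOW = """\
name: format
on:
  pull_request_target:
    branches: [main]
jobs:
  format:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Report branch
        run: |
          echo "Formatting branch ${{ github.event.pull_request.head.ref }}"
          git checkout ${{ github.head_ref }}
      - name: Safe variant (data passed via env, quoted)
        env:
          HEAD_REF: ${{ github.head_ref }}
        run: echo "Formatting branch $HEAD_REF"
"""


if __name__ == "__main__":
    import sys
    sources = [(p, open(p).read()) for p in sys.argv[1:]] or [("sample", SAMPLE_WORKFLOW)]
    for path, text in sources:
        if triggers_on_pull_request_target(text):
            print(f"{path}: runs on pull_request_target (secrets exposed to fork PRs)")
        for lineno, expr in find_script_injections(text):
            print(f"{path}:{lineno}: untrusted expression in run step: {expr}")
```

Run it with no arguments to scan the constructed sample, or pass one or more `.github/workflows/*.yml` paths. The fix the safe step demonstrates is the standard one: bind the untrusted value to an environment variable and reference it as a quoted shell variable, so the shell never re-parses attacker-supplied text as syntax. A `${{ }}` expansion is substituted before the shell sees the script, which is why quoting alone inside the `run:` line does not help.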
MITRE Techniques:
Supply Chain Compromise (T1195): Exploited the build environment of the ultralytics project to inject malicious code into the published package.
Command and Scripting Interpreter (T1059): Used GitHub Actions script injection to execute arbitrary shell commands through crafted pull requests.
Remote Access Software (T1219): Established backdoor access to the compromised environment after the malicious payload executed.
IoC:
[File Name] ultralytics-8.3.41
[File Name] ultralytics-8.3.42
[File Hash] ee304a92a9e68e7923d7a37a370c7556ac596250 (SHA-1)
[File Hash] 7c6136cf4e857582c2f086673359be94e7e4b702 (SHA-1)
[File Hash] dd0577b10e73792f2b2315af63b872fe4123ec9c (SHA-1)
[File Hash] bea3060707e6f3fec47aa2af64ea2e774b56e9f5 (SHA-1)
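The indicators above are only useful once they are applied to what is actually deployed. The triage script below is an added example written for this page, not code from ReversingLabs or the Ultralytics project. It checks the version installed in the current interpreter and walks a directory of downloaded distributions (a pip cache, an internal artifact mirror, vendored wheels) comparing names and digests against the IoC list. Two assumptions are made explicit: the four digests are treated as SHA-1 because they are 40 hex characters, and they are compared against whole files whose names start with `ultralytics-`, since the page does not say which files they were computed over.

```python
import hashlib
import re
from importlib import metadata
from pathlib import Path

# Indicators from the IoC list above. The digests are 40 hex characters, so
# they are treated as SHA-1 (assumption: the page does not name the algorithm).
MALICIOUS_VERSIONS = {"8.3.41", "8.3.42"}
MALICIOUS_SHA1 = {
    "ee304a92a9e68e7923d7a37a370c7556ac596250",
    "7c6136cf4e857582c2f086673359be94e7e4b702",
    "dd0577b10e73792f2b2315af63b872fe4123ec9c",
    "bea3060707e6f3fec47aa2af64ea2e774b56e9f5",
}
# Matches sdist and wheel names such as ultralytics-8.3.41.tar.gz and
# ultralytics-8.3.41-py3-none-any.whl, as well as the bare IoC file names.
DIST_RE = re.compile(r"^ultralytics-(\d+\.\d+\.\d+)(?:[-.]|$)")


def sha1_of_bytes(data):
    return hashlib.sha1(data).hexdigest()


def sha1_of_file(path, chunk=1 << 20):
    """Stream a file through SHA-1 so large wheels do not need to fit in memory."""
    h = hashlib.sha1()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def version_from_filename(name):
    m = DIST_RE.match(name)
    return m.group(1) if m else None


def assess(name, sha1_hex):
    """Return the set of indicator types a distribution matches: 'version' for
    a known-bad release number, 'hash' for a known-bad SHA-1 digest."""
    reasons = set()
    if version_from_filename(name) in MALICIOUS_VERSIONS:
        reasons.add("version")
    if sha1_hex.lower() in MALICIOUS_SHA1:
        reasons.add("hash")
    return reasons


def scan_artifacts(root):
    """Walk a directory and return {path: reasons} for every ultralytics
    distribution that matches at least one indicator."""
    hits = {}
    for p in Path(root).rglob("ultralytics-*"):
        if p.is_file():
            reasons = assess(p.name, sha1_of_file(p))
            if reasons:
                hits[str(p)] = reasons
    return hits


def installed_version_is_malicious():
    """Check the ultralytics version in this interpreter's site-packages."""
    try:
        return metadata.version("ultralytics") in MALICIOUS_VERSIONS
    except metadata.PackageNotFoundError:
        return False


if __name__ == "__main__":
    import sys
    print("installed ultralytics is a known-bad version:", installed_version_is_malicious())
    for root in sys.argv[1:]:
        for path, reasons in scan_artifacts(root).items():
            print(f"{path}: matches {sorted(reasons)}")
```

Version matching catches the common case (a lockfile or cache that pinned 8.3.41 or 8.3.42), while hash matching catches renamed or re-hosted copies. A version hit with no hash hit is still worth investigating: a private mirror may have re-packaged the distribution, which changes the digest but not the contents.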
Full Research: https://www.reversinglabs.com/blog/compromised-ultralytics-pypi-package-delivers-crypto-coinminer