PyTorch was hit by a malware attack involving a spoofed version of the torchtriton package late last week. The malware is reportedly capable of stealing passwords and SSH keys from affected users.
PyTorch is an open-source machine learning framework maintained by the Linux Foundation. The organization recently disclosed that a malicious extension dubbed ‘torchtriton’ was uploaded to the platform on Friday night.
The name was identical to a legitimate extension, causing more than 2,000 end users to unintentionally download the malware. The malware can reportedly steal passwords, SSH keys and system information from developers’ endpoints. The program targeted PyPI, a service that hosts third-party extensions.
Furthermore, the malware features a mechanism that detects when the program is booted in virtual machines for security purposes such as antivirus monitoring. This helps the malware avoid detection.
PyTorch administrators have since responded to the attack. The legitimate torchtriton extension was renamed to pytorch-triton. In addition, some of the packages that depend on the file were removed until further notice. The organization is working on restoring the torchtriton file and wiping any trace left by the malware.
According to PyTorch, a total of 2,300 end users downloaded the malware variant. Pytorch-triton is a version of the AI tool with experimental features and a relatively small user base, which limited the damage. Moreover, the malicious file wasn’t attached to regular PyTorch downloads and had to be installed manually.
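
As an added example (not code from PyTorch or from this article), the Python below audits a requirements list and a site-packages directory for the name torchtriton, which after the rename described above should no longer appear in a clean setup. The sample input, placeholder versions and function names are constructed for illustration; a name match cannot tell the spoofed upload from an older legitimate copy, so a hit is a prompt to investigate, not a verdict.

```python
import re
import site
from email.parser import HeaderParser
from pathlib import Path

SUSPECT = "torchtriton"     # name the article says was spoofed on PyPI
RENAMED = "pytorch-triton"  # name the article says the legitimate package now uses

# Constructed sample input; versions are placeholders, not real releases.
SAMPLE_REQS = """\
--extra-index-url https://example.invalid/simple
torch==0.0.0
TorchTriton==0.0.0
pytorch-triton==0.0.0
torch-triton>=0.0.0  # different project name, must not match
"""

def normalize(name):
    """PEP 503: names compare case-insensitively; runs of -, _ and . are equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def requirement_name(line):
    """Project name from one requirements/pip-freeze line, or None."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):  # blank, comment, or pip option
        return None
    m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
    return normalize(m.group(0)) if m else None

def audit_requirements(text):
    """(line number, line) for every requirement that names SUSPECT."""
    return [(n, l.strip()) for n, l in enumerate(text.splitlines(), 1)
            if requirement_name(l) == SUSPECT]

def audit_site_packages(root):
    """'name version' for each installed distribution whose Name is SUSPECT."""
    hits = []
    metas = list(root.glob("*.dist-info/METADATA")) + list(root.glob("*.egg-info/PKG-INFO"))
    for meta in sorted(metas):
        # Parse only the header block, so text in the description cannot spoof a Name field.
        hdr = HeaderParser().parsestr(meta.read_text(errors="replace"))
        if normalize(hdr.get("Name", "")) == SUSPECT:
            hits.append(f"{hdr['Name']} {hdr.get('Version', '?')}")
    return hits

if __name__ == "__main__":
    for n, line in audit_requirements(SAMPLE_REQS):
        print(f"requirements line {n}: {line} -> review; legitimate name is {RENAMED}")
    for sp in site.getsitepackages():
        for hit in audit_site_packages(Path(sp)):
            print(f"{sp}: {hit} installed -> treat as suspect until verified")
```

Run it inside each virtual environment you want to check, since `site.getsitepackages()` only reports the directories of the interpreter that executes the script.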