If you downloaded PyTorch-nightly on Linux via pip between Dec. 25, 2022, and Dec. 30, 2022, you've got trouble.
Someone, we still don’t know who, uploaded a poisoned Python Package Index (PyPI) dependency that hid under the real dependency name, torchtriton. Once in place, the fake torchtriton 3.0.0 would run a malicious binary.
Once in place, this would grab the following system information:
- nameservers from /etc/resolv.conf
- hostname from gethostname()
- current username from getlogin()
- current working directory name from getcwd()
- environment variables
- Read the following files
- /etc/hosts
- /etc/passwd
- The first 1,000 files in $HOME/*
- $HOME/.gitconfig
- $HOME/.ssh/*
- Upload all of this information, including file contents, via encrypted DNS queries to the domain *.h4ck[.]cfd, using the DNS server wheezy[.]io.
