Hackers hijack an Ultralytics AI model for a supply chain attack

December 31, 2024

Threat actors have exploited the Ultralytics YOLO11 AI model in a supply chain campaign that launches cryptominers on devices running versions 8.3.41 and 8.3.42 of the package installed from the Python Package Index (PyPI).

Ultralytics is a software development business specialising in computer vision and artificial intelligence (AI), especially object recognition and image processing.

Its library is open source and used in various sectors and applications. It has gathered positive reviews, has been forked 6,500 times on GitHub, and has received over 260,000 downloads from PyPI.

Users who downloaded the compromised Ultralytics versions are in danger of installing a cryptominer.

Ultralytics 8.3.41 and 8.3.42 were released earlier this week, and users who installed the compromised versions, either directly or as a dependency, could have discovered that a cryptominer had been installed.

Ultralytics is a dependency of both SwarmUI and ComfyUI, and both projects confirmed that installing their libraries installed the miner. Once installed, the compromised library installs and launches an XMRig miner that connects to a mining pool at “connect.consrensys[.]com:8080”.

Ultralytics’ founder and CEO said that the problem only affects the two compromised versions, which have now been removed and replaced with a clean 8.3.43 version.

The software developers confirmed that Ultralytics versions 8.3.41 and 8.3.42 were affected by a malicious code injection aimed at cryptocurrency mining. As of now, the new 8.3.43 version addresses the security vulnerability.

Furthermore, the Ultralytics team is conducting a thorough security examination and implementing extra protections to prevent a similar incident from happening again. They are still investigating the root cause and potential vulnerabilities in the Ultralytics build environment to determine how the hackers compromised the software.

However, the CEO stated that the compromise appears to have resulted from two malicious PRs with code injection in the branch names, sent by a hijacker who allegedly originates from Hong Kong.

It is still unknown whether the threat actor used the malicious code only for crypto mining or also to compromise private user data, so concerned parties have to wait for a formal breach advisory to clarify the exploit’s details. Lastly, those who have already downloaded the malicious Ultralytics versions should run a comprehensive system scan to detect any malicious payloads that could threaten users’ safety.
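Because the compromised builds also arrived as a dependency of other tools, a useful first check is to search every Python environment on a machine for an installed copy at one of the two affected versions. The following script is an added example, not code from Ultralytics or from the original article; the environment names in the sample tree are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Versions the article names as carrying the injected miner.
COMPROMISED = {"8.3.41", "8.3.42"}
PACKAGE = "ultralytics"


def read_metadata(metadata_file):
    """Return (name, version) from a dist-info METADATA or egg-info PKG-INFO file."""
    name = version = ""
    text = metadata_file.read_text(encoding="utf-8", errors="replace")
    for line in text.splitlines():
        if not line.strip():
            break  # the header block ends at the first blank line
        key, _, value = line.partition(":")
        if key.lower() == "name":
            name = value.strip()
        elif key.lower() == "version":
            version = value.strip()
    return name, version


def find_compromised(root):
    """Report every installed ultralytics copy under root at a compromised version."""
    hits = []
    for pattern in ("*.dist-info/METADATA", "*.egg-info/PKG-INFO"):
        for meta in Path(root).rglob(pattern):
            name, version = read_metadata(meta)
            # PEP 503 normalization: case-insensitive, runs of -_. are equivalent.
            if re.sub(r"[-_.]+", "-", name).lower() == PACKAGE and version in COMPROMISED:
                hits.append((str(meta.parent.relative_to(root)), version))
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample: three environments, only one holding a compromised build."""
    samples = [("comfyui-venv", "ultralytics", "8.3.41"),   # pulled in as a dependency
               ("patched-venv", "Ultralytics", "8.3.43"),   # clean release
               ("other-venv", "otherpkg", "8.3.42")]        # same version, different package
    for env, name, version in samples:
        info = Path(root) / env / "lib" / "site-packages" / f"{name}-{version}.dist-info"
        info.mkdir(parents=True)
        (info / "METADATA").write_text(f"Metadata-Version: 2.1\nName: {name}\nVersion: {version}\n\nbody\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for location, version in find_compromised(tmp):
            print(f"COMPROMISED ultralytics {version} at {location}")
```

A hit shows that the environment installed one of the affected builds; it does not show what the miner left behind, so the system scan recommended above is still needed after upgrading to 8.3.43.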
