
Stawinski: How We Executed a Critical Supply Chain Attack on PyTorch

John Stawinski IV describes, in detail, how he and a partner were able to compromise the security of the heavily used PyTorch project.

Our exploit path resulted in the ability to upload malicious PyTorch releases to GitHub, upload releases to AWS, potentially add code to the main repository branch, backdoor PyTorch dependencies – the list goes on. In short, it was bad. Quite bad.

As we’ve seen before with SolarWinds, Ledger, and others, supply chain attacks like this are killer from an attacker’s perspective. With this level of access, any respectable nation-state would have several paths to a PyTorch supply chain compromise.




Stawinski: How We Executed a Critical Supply Chain Attack on PyTorch

Posted Jan 15, 2024 18:21 UTC (Mon) by carlosrodfern (subscriber, #166486)

I am glad supply chain attacks are getting plenty of attention. Those have some serious blasts.

Stawinski: How We Executed a Critical Supply Chain Attack on PyTorch

Posted Jan 15, 2024 19:45 UTC (Mon) by ewen (subscriber, #4772)

The related December 2023 article, by another of the collaborators, linked from the article above, also has lots of good detail on the risks of persistent CI action runners that aren’t fully locked down:

https://adnanthekhan.com/2023/12/20/one-supply-chain-atta...

And includes a list of several projects where they found problems. Of which PyTorch was just the first in the list.

Ewen


Copyright © 2024, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds