Type
Incident
Actors
Pub. date
December 31, 2022
Initial access
Supply chain vector
Impact
Supply chain attackData exfiltration
Observed techniques
References
Status
Stub
Last edited
Oct 8, 2025 12:38 PM
PyTorch-nightly Linux packages installed via pip between December 25th and December 30th, 2022 ran a malicious binary. The malicious binary was introduced by a dependency, torchtriton, that was vulnerable to dependency confusion. The malicious payload gathered system information and files, and exfiltrated them via encrypted DNS queries to *.h4ck[.]cfd
. The creator of the copied package has stated they had no malicious intent and have since deleted all the collected data.