Type
Incident
Actors
Unknown
Pub. date
December 31, 2022
Initial access
Supply chain vector
Impact
Supply chain attackData exfiltration
Observed techniques
Package dependency confusion
References
https://pytorch.org/blog/compromised-nightly-dependency/https://www.wiz.io/blog/malicious-pytorch-dependency-torchtriton-on-pypi-everything-you-need-to-know
Status
Stub
Last edited
Oct 8, 2025 12:38 PM
PyTorch-nightly Linux packages installed via pip between December 25th and December 30th, 2022 ran a malicious binary. The malicious binary was introduced by a dependency, torchtriton, that was vulnerable to dependency confusion. The malicious payload gathered system information and files, and exfiltrated them via encrypted DNS queries to *.h4ck[.]cfd. The creator of the copied package has stated they had no malicious intent and have since deleted all the collected data.