news.volyx.in

Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised (github.com)

938 points by dot_treo · 114 days ago · 500 comments on HN

Article summary

The PyPI package litellm version 1.82.8 has been compromised with a malicious .pth file that steals credentials and sensitive data. The malware is triggered automatically when the Python interpreter starts, without requiring an import statement. The compromised package affects local development machines, CI/CD pipelines, Docker containers, and production servers. Users are advised to check for the malicious file, rotate credentials, and audit their PyPI publishing credentials and CI/CD pipeline for compromise.

Main themes

  • PyPI package compromise
  • Credential stealing malware
  • Supply chain attack
  • GitHub security
  • Spam comments and discussion stifling

What commenters say

  • The compromise of the litellm package is a serious issue that affects many users and requires immediate attention and action.
  • The presence of spam comments in the GitHub discussion thread is likely an attempt to stifle genuine discussion and hide the issue.
  • Some users believe that large companies benefit from spam and do not have an incentive to effectively address the issue, while others argue that it is a hard problem to solve at scale.
  • The compromise of GitHub accounts and the posting of spam comments may be related to the credential-stealing malware and could be part of a larger attack.
  • The handling of compromised accounts by GitHub, including deletion, has raised concerns about the policy and potential impact on legitimate users.
  • The attack is seen as a common and straightforward hack, rather than a sophisticated or particularly interesting one.
  • The use of simple filters or regex could potentially catch spam comments, but may also result in false positives and require careful consideration.
  • The compromise of the litellm package and the subsequent spam comments have highlighted the need for improved security measures and better handling of malicious activity on GitHub.