December 6, 2024 at 01:57PM
The Ultralytics YOLO11 AI model was compromised in a supply chain attack, deploying cryptominers via versions 8.3.41 and 8.3.42 on PyPI. Users installing these versions faced account bans. The company has released a clean version 8.3.43 and is conducting a security audit to prevent future incidents.
**Meeting Takeaways: Ultralytics YOLO11 Compromise**
1. **Incident Overview**: The Ultralytics YOLO11 AI model was compromised through a supply chain attack, specifically affecting versions 8.3.41 and 8.3.42 available on the Python Package Index (PyPI).
2. **Nature of Compromise**: The attack deployed cryptominers on devices, utilizing the XMRig Miner. Users who accidentally installed these versions experienced their Google Colab accounts being flagged for “abusive activity.”
3. **Affected Dependencies**: Both SwarmUI and ComfyUI confirmed that their libraries rely on the compromised Ultralytics versions, leading to unintentional installations of the miner.
4. **Response from Ultralytics**:
– The compromised versions have been removed from PyPI.
– Version 8.3.43 has been released as a clean version to address the issue.
– A full security audit is underway to enhance safeguards against future incidents.
5. **Investigation Status**: The root cause of the breach is under investigation, with indications that it may stem from two malicious pull requests submitted by a user in Hong Kong.
6. **Data Security Concerns**: It remains uncertain whether the malicious code solely affected cryptocurrency mining or also compromised user data. The community is awaiting further clarification and a formal advisory.
7. **User Advisory**: Users who downloaded the compromised versions are advised to conduct a full system scan for security.
8. **Next Steps**: Awaiting additional comments from Ultralytics regarding the attack and their supply chain security measures.