Hacker News

Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised

444 points by dot_treo, yesterday at 12:06 PM | 364 comments

About an hour ago, new versions were deployed to PyPI.

I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM; it looked like a fork bomb was running.

I investigated and found that a base64-encoded blob had been added to proxy_server.py.

It writes and decodes another file which it then runs.

I'm in the process of reporting this upstream, but wanted to give everyone here a heads-up.

It is also reported in this issue: https://github.com/BerriAI/litellm/issues/24512
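One defender-side check for the pattern the post describes (a base64 blob that is decoded, written to a file and executed): the scanner below is an added example, not litellm's code and not the real payload. It parses each module's AST and flags files where a long, decodable base64 literal sits next to a decode call and an exec/write/spawn call. The length floor and the call-name lists are assumptions, and the embedded sample loader is constructed for the demonstration.

```python
"""Heuristic scan for the loader pattern described in the post (added example, not
litellm or PyPI code). Standard library only; thresholds and call lists are assumptions."""
import ast, base64, re
from pathlib import Path

B64_RE = re.compile(r"^[A-Za-z0-9+/]{200,}={0,2}$")   # length floor: assumption
DECODE = {"b64decode"}                                 # call names that decode...
EXECUTE = {"exec", "eval", "system", "Popen", "run", "call", "write"}  # ...and act

# Constructed sample mimicking the described loader; NOT the real payload.
SAMPLE_LOADER = f"""import base64, os
PAYLOAD = '{'QUJD' * 60}'
open('/tmp/stage2.py', 'wb').write(base64.b64decode(PAYLOAD))
os.system('python3 /tmp/stage2.py')
"""

def _call_name(node: ast.Call) -> str:
    f = node.func
    return f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", "")

def _is_b64(s: str) -> bool:
    """True for a long string literal that really decodes as base64."""
    try:
        return bool(B64_RE.match(s)) and bool(base64.b64decode(s, validate=True))
    except ValueError:          # binascii.Error is a ValueError subclass
        return False

def scan_source(src: str) -> dict:
    """Count base64 blobs and collect suspect calls in one module's source."""
    blobs, calls = 0, set()
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            blobs += _is_b64(node.value)
        elif isinstance(node, ast.Call) and _call_name(node) in DECODE | EXECUTE:
            calls.add(_call_name(node))
    return {"blobs": blobs, "calls": sorted(calls),
            "suspicious": blobs > 0 and bool(calls & DECODE) and bool(calls & EXECUTE)}

def scan_tree(root: Path) -> list:
    """Scan every .py under root (e.g. site-packages); unparsable files are skipped."""
    hits = []
    for path in root.rglob("*.py"):
        try:
            res = scan_source(path.read_text(encoding="utf-8", errors="replace"))
        except SyntaxError:
            continue
        if res["suspicious"]:
            hits.append((path, res))
    return hits
```

Run `scan_tree(Path(site.getsitepackages()[0]))` against an environment to list modules matching the pattern; a hit is a lead to inspect by hand, not proof of compromise.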


Comments

ajoy, yesterday at 7:51 PM

Reminded me of a similar story at openSSH, wonderfully documented in a "Veritasium" episode, which was just fascinating to watch/listen to.

https://www.youtube.com/watch?v=aoag03mSuXQ
