What is Torchtriton?
PyTorch has found a malicious dependency with the same name as the framework's 'torchtriton' package. This resulted in a compromise through the dependency confusion attack vector.
PyTorch administrators have warned users who installed PyTorch-nightly during the holidays to remove the framework and the fake torchtriton dependency. PyTorch is an open-source machine learning framework that is prominent in both academic and commercial sectors, with uses ranging from natural language processing to computer vision.
According to the PyTorch advisory, at around 4:40 pm GMT on December 30 the team learned about a malicious dependency package (torchtriton) that had been uploaded to the Python Package Index (PyPI) code repository with the same package name as the one PyTorch ships on the PyTorch nightly package index.
Since the PyPI index takes precedence, this malicious package was installed instead of the version from the official PyTorch repository. This design enables somebody to register a package by the same name as one that exists in a third-party index, and pip will install their version by default.
This malicious package has the same name, torchtriton, but contains added code that uploads sensitive data from the machine.
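The name overlap described above can be audited before an install. The following is an added example, not code from the PyTorch advisory or from this page's author: it scans a requirements file for pip's `--extra-index-url` option and classifies each privately hosted dependency by whether its normalized name is also registered on the public index. The function names, the index URL and all package lists are constructed for illustration.

```python
import re

def normalize(name):
    """PEP 503 normalization: 'Internal_Utils' and 'internal-utils' are one project to pip."""
    return re.sub(r"[-_.]+", "-", name).lower()

def audit_requirements(req_text, private_names, public_names):
    """Return (uses_extra_index, findings) for a requirements file.

    findings maps each requirement that is meant to come from the private index to
      'collision' - the same name is also registered on the public index
      'unclaimed' - the name is free publicly, so anyone could register it
    """
    private = {normalize(n) for n in private_names}
    public = {normalize(n) for n in public_names}
    uses_extra_index = False
    findings = {}
    for raw in req_text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        if not line:
            continue
        if line.startswith("--extra-index-url"):   # a second index is in play
            uses_extra_index = True
            continue
        if line.startswith("-"):                   # other pip options
            continue
        # The project name ends at the first specifier, extra, marker or space.
        name = normalize(re.split(r"[<>=!~\[; ]", line, maxsplit=1)[0])
        if name in private:
            findings[name] = "collision" if name in public else "unclaimed"
    return uses_extra_index, findings

# Constructed sample data (assumptions, not a snapshot of any real index).
REQS = """\
--extra-index-url https://nightly.example.invalid/simple/  # constructed URL
torchtriton
Internal_Utils==1.2
requests>=2.28
acme-build-tools
"""
PRIVATE = ["torchtriton", "internal-utils", "acme-build-tools"]
PUBLIC = ["torchtriton", "requests", "Internal.Utils"]

if __name__ == "__main__":
    extra, findings = audit_requirements(REQS, PRIVATE, PUBLIC)
    print("extra index configured:", extra)
    for name, status in findings.items():
        print(f"{name:20} {status}")
```

Both statuses deserve attention: a collision means another party's upload is a candidate for installation, and an unclaimed name is open for anyone to register.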