LiteLLM Python library is compromised
Just learned that LiteLLM, a popular Python library that provides a unified interface for calling multiple LLMs, has been compromised and is stealing sensitive information from its users.
The post on X reads:
LiteLLM HAS BEEN COMPROMISED, DO NOT UPDATE. We just discovered that LiteLLM PyPI release 1.82.8 has been compromised: it contains litellm_init.pth with base64-encoded instructions to send all the credentials it can find to a remote server and self-replicate.
It seems the entire GitHub repo is compromised as well: issue #24512, titled "[Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 — credential stealer", was closed by the owner as "not planned". That means the owner's GitHub account has been hacked and the attacker marked the report as resolved. The good news is that the issue has since been reopened and is being actively discussed.
As explained in the FutureSearch article, the malware appears to be very sneaky and dangerous. So if you're affected by it, the best current option is to read through #24512, where the community is actively tracking the issue and working on a fix.
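The reason a .pth file is such an effective hook is that Python's site module processes every *.pth file in site-packages at interpreter start-up, and any line beginning with "import " is passed to exec() rather than added to sys.path. A defender's first question is therefore which .pth files on a machine execute code at all, and whether any of those lines decode and run a payload. The scanner below is an added example, not code from the original post or from the LiteLLM project; it uses only the standard library, never executes anything it reads, and relies on a token list that is my own heuristic rather than a published signature. The sample .pth contents are constructed, and the payload in the litellm_init.pth sample is a placeholder string.

```python
"""Find .pth files in site-packages that execute code when Python starts.

Python's site module reads every *.pth file in each site-packages
directory at interpreter start-up. A plain line is appended to sys.path,
but a line that begins with "import " or "import\\t" is passed to exec().
That start-up hook is what a malicious package can abuse, so the scanner
below lists every executable .pth line and flags tokens that a benign
path-setup line has no reason to contain. Stdlib only; nothing here is
executed, only read.
"""
import site
from dataclasses import dataclass, field
from pathlib import Path
from typing import Iterable, Iterator, List, Tuple

# Heuristic list (an assumption of this example, not a published signature):
# tokens that rarely appear in a legitimate .pth import line but are typical
# of an obfuscated loader that decodes and runs a payload or phones home.
SUSPICIOUS_TOKENS = (
    "base64", "b64decode", "exec(", "eval(", "__import__", "compile(",
    "zlib", "marshal", "urllib", "socket", "subprocess", "os.environ",
)


@dataclass
class PthFinding:
    """One executable line found in a .pth file."""
    path: str
    line_no: int
    line: str
    matched: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.matched)


def executable_lines(text: str) -> Iterator[Tuple[int, str]]:
    """Yield (line_no, line) for the lines site.py would exec()."""
    for n, raw in enumerate(text.splitlines(), start=1):
        line = raw.rstrip("\r\n")
        if line.startswith(("import ", "import\t")):
            yield n, line


def scan_pth_text(label: str, text: str) -> List[PthFinding]:
    """Scan the contents of one .pth file; `label` is used for reporting."""
    findings: List[PthFinding] = []
    for n, line in executable_lines(text):
        matched = [tok for tok in SUSPICIOUS_TOKENS if tok in line]
        findings.append(PthFinding(label, n, line, matched))
    return findings


def scan_directories(dirs: Iterable[Path]) -> List[PthFinding]:
    """Scan every *.pth file in the given directories (missing dirs are skipped)."""
    findings: List[PthFinding] = []
    for d in dirs:
        d = Path(d)
        if not d.is_dir():
            continue
        for pth in sorted(d.glob("*.pth")):
            try:
                text = pth.read_text(encoding="utf-8", errors="replace")
            except OSError:
                continue  # unreadable file: skip rather than abort the audit
            findings.extend(scan_pth_text(str(pth), text))
    return findings


def default_site_dirs() -> List[Path]:
    """The directories site.py scans for .pth files in this interpreter."""
    dirs = [Path(p) for p in site.getsitepackages()] if hasattr(site, "getsitepackages") else []
    dirs.append(Path(site.getusersitepackages()))
    return dirs


# Constructed samples for a dry run. The second mimics the shape the post
# reports for litellm_init.pth (an import line that decodes and runs an
# encoded payload); its payload is a placeholder and is never executed.
CONSTRUCTED_SAMPLES = {
    "virtualenv.pth": "/opt/venv/lib/extra\nimport _virtualenv\n",
    "litellm_init.pth": "import base64, sys; exec(base64.b64decode(b'BASE64_PLACEHOLDER'))\n",
    "paths-only.pth": "lib\n# comment line\n\n",
}


def scan_samples() -> List[PthFinding]:
    """Run the scanner over the constructed samples instead of the live system."""
    out: List[PthFinding] = []
    for name, text in CONSTRUCTED_SAMPLES.items():
        out.extend(scan_pth_text(name, text))
    return out


if __name__ == "__main__":
    # Live audit of this interpreter's site-packages directories.
    for f in scan_directories(default_site_dirs()):
        mark = "SUSPICIOUS" if f.suspicious else "executes code"
        print(f"{mark}: {f.path}:{f.line_no}: {f.line[:120]}")
        if f.matched:
            print("    matched tokens:", ", ".join(f.matched))
```

Run it with the interpreter whose environment you want to audit (each virtualenv has its own site-packages). Expect a handful of legitimate executable lines, for example virtualenv's `import _virtualenv` or setuptools' distutils-precedence.pth; what merits attention is an import line that decodes, compiles or network-loads something, or a .pth whose name does not match any package you installed on purpose.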
It looks like the library was compromised after the founder's GitHub profile was hacked by a group (or whatever it is) called teampcp. Terrible (not in a good way).