Malware Infected Open Source Project by Y Combinator Graduate LiteLLM
A recent incident that could easily pass for a storyline in the HBO show Silicon Valley, a dreadful malware was discovered in an open source project developed by LiteLLM, a graduate of the Y Combinator. This revelation is akin to an episode from real-life Silicon Valley.
The Scope of LiteLLM’s Influence
LiteLLM is a platform that offers developers easy access to hundreds of AI models and includes features such as expense management. With up to 3.4 million downloads per day and 40,000 stars on GitHub, it was a resounding success. The platform also boasted thousands of forks, as developers utilized it as a foundation to modify and make it their own.
Malware in LiteLLM
Callum McMahon, a researcher from FutureSearch, discovered, documented, and disclosed the malware. FutureSearch is a company that offers AI agents for web search. The malware infiltrated LiteLLM via a “dependency”, other open source software that LiteLLM relied on. This malware stole the login credentials of every platform it touched, using these credentials to gain access to more open source packages and accounts, and harvesting more credentials.
Consequences of the Malware
McMahon’s machine unexpectedly shut down upon downloading LiteLLM. This incident led him to investigate the cause, only to discover the malware. Ironically, a bug in the malware caused his machine to crash. Due to the poorly designed nature of this code, McMahon, alongside renowned AI researcher Andrej Karpathy, concluded that it must have been ambiance-coded.
Resolution by LiteLLM Developers
LiteLLM developers have been working tirelessly to rectify the situation throughout the week. The good news is that the problem was detected relatively quickly, likely within a few hours.
LiteLLM’s Security Compliance Certifications
Interestingly, LiteLLM, as of March 25, still proudly displays on its website that it has passed two major security compliance certifications, SOC2 and ISO 27001. However, these certifications were issued by a startup called Delve.
Delve’s Role in the Incident
Delve is an AI-based compliance startup from Y Combinator that has been accused of misleading its clients about their true compliance status by allegedly generating false data and using auditors who approve the reports. Delve has denied these allegations.
The LiteLLM website has a security certificate from Delve.Image credits:LiteLLM
It’s important to understand a certain nuance here. Certifications like SOC2 and ISO 27001 aim to demonstrate that a company has strong security policies in place to limit the possibility of incidents like this. However, they do not guarantee complete immunity to malware attacks.
LiteLLM’s Response
LiteLLM CEO Krrish Dholakia has not commented on the use of Delve for their security compliance. His current priority is cleaning up the damage caused by the malware attack. “Our current priority is active investigation alongside Mandiant. We are committed to sharing technical lessons learned with the developer community once our forensic review is complete,” he told TechCrunch.
For more details, find the original report Here.
