An attacker published a backdoored release of the popular elementary-data package (v0.23.3) to PyPI and pushed a malicious Docker image, stealing developer secrets and cryptocurrency wallets. The compromise exploited a GitHub Actions script-injection that exposed GITHUB_TOKEN to forge a signed release; a clean 0.23.4 was published but users who installed 0.23.3 remain at risk. #elementary-data #PyPI
Keypoints
- A malicious release of elementary-data (v0.23.3) was published to PyPI and also pushed as a backdoored Docker image.
- The attacker used a GitHub Actions script-injection via a pull-request comment to leak GITHUB_TOKEN and forge a signed commit and tag.
- The backdoor installed elementary.pth to exfiltrate SSH keys, Git and cloud credentials, .env files, crypto wallet files, and system data.
- Community member crisperik reported the issue and maintainers released a clean 0.23.4, but exposed users remain compromised.
- Users who installed elementary-data==0.23.3 or pulled ghcr.io/elementary-data/elementary:0.23.3 or :latest should rotate all secrets and restore from known-safe backups.
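The remediation item above is easier to act on with a local check. The following script is an added example written for this summary, not code from the elementary-data project or from the advisory: it audits the running Python environment for the two indicators the summary names, an installed elementary-data==0.23.3 distribution and an elementary.pth file in a site-packages directory. It relies on the documented behaviour of Python's site module, which at interpreter startup executes any line in a site-packages .pth file that begins with "import", and it lists those executable lines so a responder can review them. The sample .pth it can create for demonstration is constructed and benign, not the real payload.

```python
import importlib.metadata
import os
import site
import sys
import sysconfig
import tempfile

# Indicators taken from the advisory summary above.
AFFECTED_PYPI_VERSION = "0.23.3"
SUSPECT_PTH_NAME = "elementary.pth"


def installed_version(dist_name="elementary-data"):
    """Return the installed version of a distribution, or None if absent."""
    try:
        return importlib.metadata.version(dist_name)
    except importlib.metadata.PackageNotFoundError:
        return None


def is_affected_version(version):
    """True only for the backdoored 0.23.3 release named in the summary."""
    return version == AFFECTED_PYPI_VERSION


def site_package_dirs():
    """Directories Python scans for .pth files at startup."""
    dirs = set(site.getsitepackages() if hasattr(site, "getsitepackages") else [])
    dirs.add(site.getusersitepackages())
    dirs.add(sysconfig.get_paths()["purelib"])
    return sorted(d for d in dirs if d and os.path.isdir(d))


def find_pth_files(dirs, name=SUSPECT_PTH_NAME):
    """Return paths of a .pth file called `name` sitting directly in any of `dirs`."""
    found = []
    for d in dirs:
        candidate = os.path.join(d, name)
        if os.path.isfile(candidate):
            found.append(candidate)
    return sorted(found)


def pth_import_lines(path):
    """Return (lineno, text) for lines Python would exec() from this .pth file.

    site.py treats a line starting with 'import ' or 'import\\t' as code and
    every other line as a path entry; that is what makes a dropped .pth file
    a startup hook. Any such line in a third-party .pth deserves review.
    """
    hits = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            if line.startswith(("import ", "import\t")):
                hits.append((lineno, line.rstrip("\n")))
    return hits


def audit(dirs=None, version=None):
    """Run both checks; defaults describe the interpreter running this script."""
    if dirs is None:
        dirs = site_package_dirs()
    if version is None:
        version = installed_version()
    pth_files = find_pth_files(dirs)
    return {
        "installed_version": version,
        "affected_version": is_affected_version(version),
        "pth_files": pth_files,
        "import_lines": {p: pth_import_lines(p) for p in pth_files},
    }


def write_sample_site(root=None):
    """Create a constructed, benign site dir with an elementary.pth for demos/tests."""
    root = root or tempfile.mkdtemp(prefix="pth-audit-")
    path = os.path.join(root, SUSPECT_PTH_NAME)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write("/opt/constructed/path\n")
        fh.write("import os  # constructed sample line, not the real payload\n")
    return root, path


if __name__ == "__main__":
    report = audit()
    print(f"elementary-data installed: {report['installed_version']}")
    if report["affected_version"]:
        print("WARNING: backdoored 0.23.3 release installed; rotate all secrets")
    for p, lines in report["import_lines"].items():
        print(f"{p}: {len(lines)} executable import line(s)")
        for lineno, text in lines:
            print(f"  line {lineno}: {text}")
    sys.exit(1 if (report["affected_version"] or report["pth_files"]) else 0)
```

Run it inside every virtual environment and container image that may have pulled the package; a non-zero exit marks an environment whose secrets should be treated as exposed. The script only reports indicators, it does not remove anything, so a finding should be followed by the rotation and restore-from-backup steps the summary lists.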