Hackers turn open-source AI framework into global cryptojacking operation

Source: CyberScoop

Malicious actors have exploited a flaw in the Ray AI framework’s Job Submission API that allows unauthorized remote code execution, and are using it for cryptojacking. The exploitation has grown into a self-propagating operation spreading across more than 200,000 exposed Ray servers, significantly impacting startups and research labs. Oligo researchers indicate that the attackers targeted NVIDIA A100 GPUs, leveraging cloud resources for profit while disguising their malicious activities.

The attack was executed in two phases: initially using GitLab to develop malware, then rapidly transitioning to GitHub to continue operations after being detected. The underlying vulnerability, historically known as CVE-2023-48022, has not been fully mitigated and still poses a risk, as many users unintentionally deploy Ray in insecure environments. Oligo emphasizes the persistent and evolving nature of this threat, underlining the necessity for heightened awareness and security in deploying AI frameworks in open environments.

👉 Read the original: CyberScoop