Thousands of servers hacked in ongoing attack targeting Ray AI framework

Caute_cautim — Sat, 30 Mar 2024 06:19:42 GMT

Hi All

Thousands of servers storing AI workloads and network credentials have been hacked in an ongoing attack campaign targeting a reported vulnerability in Ray, a computing framework used by OpenAI, Uber, and Amazon.

The attacks, which have been active for at least seven months, have led to the tampering of AI models. They have also resulted in the compromise of network credentials, allowing access to internal networks and databases and tokens for accessing accounts on platforms including OpenAI, Hugging Face, Stripe, and Azure. Besides corrupting models and stealing credentials, attackers behind the campaign have installed cryptocurrency miners on compromised infrastructure, which typically provides massive amounts of computing power. Attackers have also installed reverse shells, which are text-based interfaces for remotely controlling servers.

https://arstechnica.com/security/2024/03/thousands-of-servers-hacked-in-ongoing-attack-targeting-ray-ai-framework/

Regards

Caute_Cautim

Re: Thousands of servers hacked in ongoing attack targeting Ray AI framework

Early_Adopter — Sat, 30 Mar 2024 13:53:27 GMT

Infra and Payments and LLMs! Oh My!

topic Re: Thousands of servers hacked in ongoing attack targeting Ray AI framework in Threats

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Re: Thousands of servers hacked in ongoing attack targeting Ray AI framework