"As part of a broad LLMjacking operation, cybercriminals are searching for, hijacking, and monetizing exposed LLM and MCP endpoints at scale, Pillar Security reports. The campaign, dubbed Operation Bizarre Bazaar, targets exposed or unprotected AI endpoints to hijack system resources, resell API access, exfiltrate data, and move laterally to internal systems. The attacks mainly impact self-hosted LLM infrastructure, including endpoints with exposed default ports, unauthenticated APIs, development/staging environments, and MCP servers."
""The threat differs from traditional API abuse because compromised LLM endpoints can generate significant costs (inference is expensive), expose sensitive organizational data, and provide lateral movement opportunities," Pillar explains. Operation Bizarre Bazaar involves three interconnected entities: a scanner (bot infrastructure that scours the web for exposed systems), a validator (tied to silver.inc, it validates identified endpoints), and a marketplace (The Unified LLM API Gateway, controlled by silver.inc)."
"The marketplace, the cybersecurity firm says, offers access to over 30 LLMs. It is hosted on bulletproof infrastructure in the Netherlands, and marketed on Discord and Telegram, with payments made via cryptocurrency or PayPal. Pillar has observed over 35,000 attack sessions associated with the operation, at an average of 972 attacks per day. "The sustained high-volume activity confirms systematic targeting of exposed AI infrastructure rather than opportunistic scanning," Pillar notes."
Operation Bizarre Bazaar targets exposed or unprotected AI endpoints to hijack compute resources, resell API access, exfiltrate organizational data, and move laterally into internal systems. The operation primarily impacts self-hosted LLM infrastructure, including instances with default exposed ports, unauthenticated APIs, development or staging environments, and MCP servers. The campaign uses a scanner to find targets, a validator tied to silver.inc to test endpoints, and a marketplace (The Unified LLM API Gateway) to sell access. The marketplace lists over 30 LLMs, operates from bulletproof infrastructure in the Netherlands, and accepts cryptocurrency and PayPal. Observed activity exceeds 35,000 attack sessions, averaging 972 daily.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]