1000’s of servers hacked in ongoing assault focusing on Ray AI framework

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Enlarge (credit score: Getty Photos)

1000’s of servers storing AI workloads and community credentials have been hacked in an ongoing assault marketing campaign focusing on a reported vulnerability in Ray, a computing framework utilized by OpenAI, Uber, and Amazon.

The assaults, which have been lively for at the least seven months, have led to the tampering of AI fashions. They’ve additionally resulted within the compromise of community credentials, permitting entry to inside networks and databases and tokens for accessing accounts on platforms together with OpenAI, Hugging Face, Stripe, and Azure. Apart from corrupting fashions and stealing credentials, attackers behind the marketing campaign have put in cryptocurrency miners on compromised infrastructure, which usually gives huge quantities of computing energy. Attackers have additionally put in reverse shells, that are text-based interfaces for remotely controlling servers.

Hitting the jackpot

“When attackers get their arms on a Ray manufacturing cluster, it’s a jackpot,” researchers from Oligo, the safety agency that noticed the assaults, wrote in a submit. “Helpful firm information plus distant code execution makes it simple to monetize assaults—all whereas remaining within the shadows, completely undetected (and, with static safety instruments, undetectable).”

Learn 12 remaining paragraphs | Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *