Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet.
The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between September 2023 and March 2024. The attack, at its core, exploits a critical missing authentication bug (CVE-2023-48022, CVSS score: 9.8) to take control of susceptible instances and hijack their computing power for illicit cryptocurrency mining using XMRig.
The vulnerability has remained unpatched due to a “long-standing design decision” that’s consistent with Ray’s development best practices, which requires it to be run in an isolated network and act upon trusted code.
The campaign involves submitting malicious jobs, with commands ranging from simple reconnaissance to complex multi-stage Bash and Python payloads, to an unauthenticated Ray Job Submission API (“/api/jobs/”) on exposed dashboards. The compromised Ray clusters are then used in spray and pray attacks to distribute the payloads to other Ray dashboards, creating a worm that can essentially spread from one victim to another.
The attacks have been found to leverage GitLab and GitHub to deliver the malware, using names like “ironern440-group” and “thisisforwork440-ops” to create repositories and stash the malicious payloads. Both accounts are no longer accessible. However, the cybercriminals have responded to takedown efforts by creating a new GitHub account, illustrating their tenacity and ability to quickly resume operations.
The payloads, in turn, leverage the platform’s orchestration capabilities to pivot laterally to non-internet-facing nodes, spread the malware, create reverse shells to attacker-controlled infrastructure for remote control, and establish persistence by running a cron job every 15 minutes that pulls the latest version of the malware from GitLab to re-infect the hosts.
The threat actors “have turned Ray’s legitimate orchestration features into tools for a self-propagating, globally cryptojacking operation, spreading autonomously across exposed Ray clusters,” researchers Avi Lumelsky and Gal Elbaz said.
The campaign has likely made use of large language models (LLMs) to create the GitLab payloads. This assessment is based on the malware’s “structure, comments, and error handling patterns.”
The infection chain involves an explicit check to determine if the victim is located in China, and if so, serves a region-specific version of the malware. It’s also designed to eliminate competition by scanning running processes for other cryptocurrency miners and terminating them – a tactic widely adopted by cryptojacking groups to maximize the mining gains from the host.
Another notable aspect of the attacks is the use of various tactics to fly under the radar, including…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
