Cryptojacking Chaos: Ray AI Framework Exploit Turns Clusters into Mining Botnet Bonanza
Oligo Security warns of attacks exploiting an old Ray AI framework flaw, turning NVIDIA GPU clusters into cryptocurrency mining botnets. Dubbed ShadowRay 2.0, the campaign leverages GitLab and GitHub to spread malware, turning Ray’s orchestration features into a self-propagating cryptojacking operation that can even launch DDoS attacks.
Hot Take:
The only thing scarier than AI gaining sentience is AI gaining a taste for cryptocurrency! Who would have thought that a two-year-old bug could lead to a massive cryptojacking campaign? It seems like this ShadowRay 2.0 is the toddler of botnets—terrible twos, indeed!
Key Points:
– Oligo Security warns of ongoing attacks exploiting a two-year-old Ray AI framework security flaw.
– The attack, codenamed ShadowRay 2.0, uses the bug to turn clusters with NVIDIA GPUs into a crypto-mining botnet.
– The attacks utilize GitLab and GitHub to deliver malware and have evolved to bypass takedown efforts.
– The malware spreads using Ray’s orchestration features and is disguised as legitimate Linux services.
– Anyscale has released a “Ray Open Ports Checker” tool to help mitigate the vulnerability exposure.