Essential Insights
- Ongoing attacks exploit a two-year-old, unpatched vulnerability in the Ray AI framework (CVE-2023-48022) to hijack NVIDIA GPU clusters for autonomous cryptomining and malware spreading.
- Cybercriminals utilize exposed Ray dashboards via GitHub and GitLab to deploy malicious payloads, establish reverse shells, and propagate the malware across networks.
- The campaigns leverage large language models to craft complex payloads, include region-specific malware, and employ tactics like process disguise and CPU throttling to evade detection.
- Threat actors are weaponizing compromised Ray clusters for DDoS attacks and creating a versatile botnet, transforming a cryptojacking operation into a multi-purpose attack infrastructure.
Underlying Problem
Oligo Security has uncovered a persistent and sophisticated cyber threat involving malicious exploitation of a two-year-old vulnerability (CVE-2023-48022) in the open-source AI framework Ray, which is used widely for orchestrating large-scale computing tasks. The attack, dubbed ShadowRay 2.0, specifically targets exposed Ray clusters running on servers with NVIDIA GPUs, turning them into self-propagating botnets that perform illicit cryptocurrency mining and potentially launch denial-of-service attacks. The malicious actors, believed to be utilizing large language models to craft payloads, exploit the unauthenticated API endpoints on vulnerable dashboards to inject sophisticated scripts that spread across connected clusters, avoiding detection by impersonating legitimate system processes and limiting CPU usage to remain covert. The campaign’s origins likely trace back to September 2024, and it has demonstrated resilience in the face of takedown efforts, continually adapting by creating new GitHub accounts and leveraging platform orchestration features for lateral movement and persistence. This clandestine operation not only emphasizes the risks posed by misconfigured cloud deployments—over 230,500 Ray servers are openly accessible—but also suggests a dual purpose: generating cryptocurrency and deploying distributed denial-of-service (DDoS) attacks against rival mining infrastructure or other targets, effectively transforming compromised clusters into multi-purpose bots.
The story is reported by cybersecurity researchers Avi Lumelsky and Gal Elbaz, who have traced this evolving threat to malicious actors exploiting a vulnerable component of Ray’s design decision to maintain isolated networks and trusted code execution. Their findings highlight the dangerous confluence of lax security configurations—such as exposed dashboards—and advanced malware techniques that leverage AI-generated code to craft deceptive payloads. This exploitation reflects a broader trend of cybercriminals weaponizing legitimate open-source tools for profit and disruption, underscoring the urgent need for organizations utilizing Ray to implement safeguards like the new “Ray Open Ports Checker,” firewalls, and enhanced access control protocols. The attack’s multifaceted nature illustrates how genuine system features—intended for orchestration and management—are now being manipulated into powerful, autonomous tools for crypto-mining, malware spread, and DDoS campaigns, posing a significant threat across cloud-based AI infrastructure.
Security Implications
The “ShadowRay 2.0” exploit exposes a significant vulnerability in unpatched GPU systems, enabling malicious actors to deploy self-spreading cryptomining malware that transforms your company’s hardware into a part of a powerful, uncontrolled botnet. If your business’s network and computational infrastructure are compromised, this not only shifts your hardware’s purpose from productive work to illegal currency mining, drastically diminishing system performance and causing operational disruptions, but also exposes sensitive data to theft and leaves your organization vulnerable to subsequent cyberattacks. The financial impact can be severe—rising costs for hardware degradation, increased energy consumption, potential legal liabilities, and reputational damage—while uptime and productivity suffer, ultimately threatening your competitive edge and operational stability in an increasingly digital economy.
Possible Action Plan
Understanding how quickly to address vulnerabilities like the ShadowRay 2.0 exploits is crucial because delays can allow attackers to establish persistent access, expand into other systems, and cause widespread damage, especially considering the self-spreading nature of the botnet. Prompt remediation minimizes operational disruptions, safeguards sensitive data, and maintains organizational trust and resilience.
Containment Measures
- Isolate affected systems from the network to prevent further spread.
Patch Deployment
- Apply the latest security patches to remediate the unpatched Ray flaw immediately.
Vulnerability Assessment
- Conduct thorough scans to identify all impacted hardware and software.
Monitoring & Detection
- Enhance monitoring for abnormal GPU activity and signs of crypto-mining behavior.
Incident Response
- Activate incident response procedures to analyze breach details and manage outbreak response.
Credential Security
- Reset all credentials and review access controls to restrict attacker movement.
System Hardening
- Disable or limit GPU functionalities that are vulnerable to exploitation.
User Awareness
- Inform users about the threat and instruct on best security practices to prevent further compromise.
Collaboration & Reporting
- Coordinate with cybersecurity authorities and industry partners to share intelligence and receive guidance.
Advance Your Cyber Knowledge
Stay informed on the latest Threat Intelligence and Cyberattacks.
Access world-class cyber research and guidance from IEEE.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1cyberattack-v1-multisource
