Oligo: Hackers exploit a vulnerability in the Ray AI platform for hidden mining
Cybersecurity experts at Oligo have announced that hackers are actively exploiting the lack of two-factor controls and authentication in the Ray Dashboard and Client environments to freely send tasks, gain access to confidential information and remotely execute commands.
According to Oligo experts, over the past seven months thousands of servers running Anyscale's Ray artificial intelligence infrastructure have been subjected to cryptojacking, with their computing power illegally used for hidden cryptocurrency mining.
"When attackers get their hands on a Ray production cluster, it's a jackpot. The company's valuable data, as well as the ability to remotely execute code, allow hackers to easily monetize attacks while remaining in the shadows thanks to static security tools," the researchers say.
The Ray computing environment allows organizations to create machine learning platforms, as well as train and scale artificial intelligence and Python workloads. It is widely used by the largest market participants in education, biopharmaceuticals and a wide variety of services, including OpenAI, Uber, Spotify, Netflix, LinkedIn, Niantic, Pinterest and many others.
Oligo's experts said that the targeted servers were compromised and paired with remote access to cryptocurrency miners, including XMRig, NBMiner and Zephyr.
Source: https://bits.media/oligo-khakery-ispolzuyut-uyazvimost-platformy-ray-ai-dlya-skrytogo-mayninga/