Over the past seven months, Oligo experts say, thousands of servers using the Anyscale Ray artificial intelligence infrastructure have been subjected to cryptojacking. And the computing power of the servers was illegally used for hidden cryptocurrency mining.
“When attackers get their hands on a Ray production cluster, it's a jackpot. Valuable company data, as well as the ability to remotely execute code, allow hackers to easily monetize attacks while remaining in the shadows thanks to static security tools,” the researchers say.
The Ray computing environment allows organizations to build machine learning platforms, as well as train and scale artificial intelligence and Python workloads. The environment is widely used by major players in the education, biopharmaceuticals and services markets, for example: OpenAI, Uber, Spotify, Netflix, LinkedIn, Niantic and Pinterest to name a few.
Oligo cyber experts said that the servers attacked by hackers were hacked and linked remotely to cryptocurrency miners, including XMRig, NBMiner and Zephyr.
Previously, the analytical company Chainalysis cited research data for the period from 2017 to 2021, which states that more than 73% of cyber attacks aimed at servers of public companies were cryptojacking.
