Security

Unpatched Ray AI Framework Flaw Exploited to Launch Global Cryptomining Botnet

Critical unauthenticated Ray API access allows threat actors to weaponize compute clusters for self-propagating, illicit cryptojacking.
November 22, 20253 min

A detailed abstract visualization features a central white, glossy, multi-layered spherical and toroidal mechanism, intricately wired with delicate metallic strands and small white nodes. This core structure is flanked by two large clusters of dark blue, translucent, angular crystalline forms, set against a smooth, muted grey background
A highly detailed, metallic circular mechanism with a glowing blue core is partially enveloped by effervescent white foam. The intricate design suggests advanced engineering, possibly representing a validator node or oracle processing complex data

Briefing

The ShadowRay 2.0 campaign is actively exploiting a two-year-old, unpatched critical authentication flaw (CVE-2023-48022) in the Ray open-source AI framework’s API server. This vulnerability grants remote, unauthenticated attackers complete control over exposed compute clusters, immediately compromising the integrity of the underlying infrastructure. The primary consequence is the creation of a self-propagating botnet, which leverages hijacked NVIDIA GPUs to execute the XMRig cryptocurrency miner, transforming enterprise AI infrastructure into a resource-draining, illicit revenue stream, rated with a maximum severity CVSS score of 9.8.

A sleek white robotic arm extends towards the center of an intricate, glowing blue sphere, appearing to establish a secure connection. The sphere itself is a complex assembly of metallic and illuminated components, suggesting a high-tech digital infrastructure

Context

The prevailing security posture for many Ray deployments involved a significant oversight → the API server lacked mandatory authentication, a known design flaw that has persisted for over two years. This exposure created a vast, unmonitored attack surface where the platform’s orchestration capabilities could be easily abused. The incident leveraged this known class of vulnerability → missing access control → to turn a legitimate AI tool into a mechanism for lateral malware deployment.

A close-up view captures a spherical mechanical apparatus, intricately designed with a polished blue outer shell composed of interconnected bands and internal complex metallic components. Visible fasteners secure the blue framework, revealing a dense core of gears, conduits, and electronic-like parts within a contained structure

Analysis

The attack begins by exploiting the critical missing authentication bug (CVE-2023-48022) in the Ray API server, which allows for remote, unauthenticated arbitrary code execution on the cluster’s head node. This initial compromise enables the threat actor to deploy the XMRig cryptomining payload. Crucially, the attackers then leverage Ray’s native orchestration features to pivot laterally and distribute the malware to non-internet-facing nodes, establishing a self-replicating worm. The operation is designed to eliminate competing miners and establish persistence via a cron job, illustrating a sophisticated, multi-purpose botnet that is now also weaponized for denial-of-service attacks.

A luminous white sphere sits at the heart of a vibrant, spiky formation of blue and white crystals. These sharp, angular structures radiate outwards, mimicking the complex, multi-layered architecture of blockchain technology

Parameters

  • Vulnerability Severity → 9.8 CVSS score – The maximum severity rating for the exploited authentication bypass flaw.
  • Vulnerability Age → Two years – The duration the critical flaw (CVE-2023-48022) has remained unpatched in the framework.
  • Malware Payload → XMRig – The specific cryptocurrency miner deployed on compromised GPU clusters.

A chain of glossy white spheres linked by transparent rods extends across a grey background, each sphere encircled by a dynamic cluster of blue and clear crystalline shards radiating light. The composition suggests an abstract representation of interconnected digital entities or processes

Outlook

Immediate mitigation requires administrators to patch the Ray framework to the latest version or implement strict network-level access controls to block external access to the Ray API. The second-order effect is a heightened scrutiny on all open-source AI/ML frameworks, establishing a new security best practice that dictates immediate, mandatory authentication for all internal cluster communication and API endpoints. This event underscores that compute-intensive, unauthenticated infrastructure will remain a primary target for cryptojacking operations.

This exploitation of a two-year-old, unpatched critical authentication flaw in a major AI framework proves that systemic security debt in core infrastructure is a persistent and highly profitable vector for large-scale cryptojacking operations.

Authentication flaw, open source security, supply chain risk, critical vulnerability, cryptojacking botnet, remote code execution, unpatched systems, AI infrastructure, GPU mining, lateral movement, self-propagating malware, API server exploit, high severity CVSS, system hijacking, compute resource theft Signal Acquired from → thehackernews.com

Micro Crypto News Feeds

ai infrastructure

Definition ∞ AI infrastructure refers to the foundational hardware and software components necessary for developing, training, and deploying artificial intelligence models.

vulnerability

Definition ∞ A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

code execution

Definition ∞ Code execution is the process by which a computer follows instructions written in a programming language.

framework

Definition ∞ A framework provides a foundational structure or system that can be adapted or extended for specific purposes.

malware

Definition ∞ Malware is malicious software designed to infiltrate and damage computer systems or steal sensitive information.

infrastructure

Definition ∞ Infrastructure refers to the fundamental technological architecture and systems that support the operation and growth of blockchain networks and digital asset services.

Tags:

Tags: