Skip to main content
Security

Unpatched Ray AI Framework Flaw Exploited to Launch Global Cryptomining Botnet

Critical unauthenticated Ray API access allows threat actors to weaponize compute clusters for self-propagating, illicit cryptojacking.
November 22, 20253 min

The image displays polished metallic components, reminiscent of high-precision gears and bearings, intricately linked with translucent blue structures. Within these fluid-like conduits, dark blue granular clusters are visible, suggesting a system in active operation
A detailed close-up reveals a blue, modular technological component partially covered by a dense, intricate network of white foam bubbles. Embedded within the blue structure are silver metallic elements, creating a visually striking representation

Briefing

The ShadowRay 2.0 campaign is actively exploiting a two-year-old, unpatched critical authentication flaw (CVE-2023-48022) in the Ray open-source AI framework’s API server. This vulnerability grants remote, unauthenticated attackers complete control over exposed compute clusters, immediately compromising the integrity of the underlying infrastructure. The primary consequence is the creation of a self-propagating botnet, which leverages hijacked NVIDIA GPUs to execute the XMRig cryptocurrency miner, transforming enterprise AI infrastructure into a resource-draining, illicit revenue stream, rated with a maximum severity CVSS score of 9.8.

A central, white, segmented cylindrical mechanism forms the core, flanked by clusters of metallic blue, geometric blocks. Soft, white, cloud-like formations partially obscure these block clusters, creating a dynamic interplay

Context

The prevailing security posture for many Ray deployments involved a significant oversight ∞ the API server lacked mandatory authentication, a known design flaw that has persisted for over two years. This exposure created a vast, unmonitored attack surface where the platform’s orchestration capabilities could be easily abused. The incident leveraged this known class of vulnerability ∞ missing access control ∞ to turn a legitimate AI tool into a mechanism for lateral malware deployment.

The image presents an abstract arrangement of shiny blue geometric clusters and smooth white spheres, intricately linked by thin black lines against a soft grey background. The central region features a denser concentration of smaller, highly reflective blue elements, creating a sense of dynamic movement and complex interconnectedness

Analysis

The attack begins by exploiting the critical missing authentication bug (CVE-2023-48022) in the Ray API server, which allows for remote, unauthenticated arbitrary code execution on the cluster’s head node. This initial compromise enables the threat actor to deploy the XMRig cryptomining payload. Crucially, the attackers then leverage Ray’s native orchestration features to pivot laterally and distribute the malware to non-internet-facing nodes, establishing a self-replicating worm. The operation is designed to eliminate competing miners and establish persistence via a cron job, illustrating a sophisticated, multi-purpose botnet that is now also weaponized for denial-of-service attacks.

A detailed, close-up view presents a complex, wall-mounted structure composed of blue and white geometric blocks, featuring numerous thin white wires extending outwards. Emerging from this structure is a spherical cluster of white orbs with small, bright blue, crystalline particles attached, symbolizing dynamic data flow

Parameters

  • Vulnerability Severity ∞ 9.8 CVSS score – The maximum severity rating for the exploited authentication bypass flaw.
  • Vulnerability Age ∞ Two years – The duration the critical flaw (CVE-2023-48022) has remained unpatched in the framework.
  • Malware Payload ∞ XMRig – The specific cryptocurrency miner deployed on compromised GPU clusters.

The image displays a sophisticated, angular device featuring a metallic silver frame and translucent, flowing blue internal components. A distinct white "1" is visible on one of the blue elements

Outlook

Immediate mitigation requires administrators to patch the Ray framework to the latest version or implement strict network-level access controls to block external access to the Ray API. The second-order effect is a heightened scrutiny on all open-source AI/ML frameworks, establishing a new security best practice that dictates immediate, mandatory authentication for all internal cluster communication and API endpoints. This event underscores that compute-intensive, unauthenticated infrastructure will remain a primary target for cryptojacking operations.

This exploitation of a two-year-old, unpatched critical authentication flaw in a major AI framework proves that systemic security debt in core infrastructure is a persistent and highly profitable vector for large-scale cryptojacking operations.

Authentication flaw, open source security, supply chain risk, critical vulnerability, cryptojacking botnet, remote code execution, unpatched systems, AI infrastructure, GPU mining, lateral movement, self-propagating malware, API server exploit, high severity CVSS, system hijacking, compute resource theft Signal Acquired from ∞ thehackernews.com

Micro Crypto News Feeds

ai infrastructure

Definition ∞ AI infrastructure refers to the foundational hardware and software components necessary for developing, training, and deploying artificial intelligence models.

vulnerability

Definition ∞ A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

code execution

Definition ∞ Code execution is the process by which a computer follows instructions written in a programming language.

framework

Definition ∞ A framework provides a foundational structure or system that can be adapted or extended for specific purposes.

malware

Definition ∞ Malware is malicious software designed to infiltrate and damage computer systems or steal sensitive information.

infrastructure

Definition ∞ Infrastructure refers to the fundamental technological architecture and systems that support the operation and growth of blockchain networks and digital asset services.

Tags:

Tags: