Security

Unpatched Ray AI Framework Flaw Exploited to Launch Global Cryptomining Botnet

Critical unauthenticated Ray API access allows threat actors to weaponize compute clusters for self-propagating, illicit cryptojacking.
November 22, 20253 min

A highly detailed, futuristic mechanical assembly is presented, featuring polished silver and vibrant translucent blue elements. The central focus is an intricate ring structure adorned with clusters of small, sparkling blue crystalline components, suggesting a core operational unit
A translucent, frosted rectangular module displays two prominent metallic circular buttons, set against a dynamic backdrop of flowing blue and reflective silver elements. This sophisticated interface represents a critical component in secure digital asset management, likely a hardware wallet designed for cold storage of private keys

Briefing

The ShadowRay 2.0 campaign is actively exploiting a two-year-old, unpatched critical authentication flaw (CVE-2023-48022) in the Ray open-source AI framework’s API server. This vulnerability grants remote, unauthenticated attackers complete control over exposed compute clusters, immediately compromising the integrity of the underlying infrastructure. The primary consequence is the creation of a self-propagating botnet, which leverages hijacked NVIDIA GPUs to execute the XMRig cryptocurrency miner, transforming enterprise AI infrastructure into a resource-draining, illicit revenue stream, rated with a maximum severity CVSS score of 9.8.

A vibrant abstract composition features multiple white spheres, some encircled by transparent rings, centrally positioned amidst an abundance of blue and clear geometric polyhedra. Dark blue structural components provide a framework, interconnected by fine black and red wires, against a gradient grey background

Context

The prevailing security posture for many Ray deployments involved a significant oversight → the API server lacked mandatory authentication, a known design flaw that has persisted for over two years. This exposure created a vast, unmonitored attack surface where the platform’s orchestration capabilities could be easily abused. The incident leveraged this known class of vulnerability → missing access control → to turn a legitimate AI tool into a mechanism for lateral malware deployment.

The image displays polished metallic components, reminiscent of high-precision gears and bearings, intricately linked with translucent blue structures. Within these fluid-like conduits, dark blue granular clusters are visible, suggesting a system in active operation

Analysis

The attack begins by exploiting the critical missing authentication bug (CVE-2023-48022) in the Ray API server, which allows for remote, unauthenticated arbitrary code execution on the cluster’s head node. This initial compromise enables the threat actor to deploy the XMRig cryptomining payload. Crucially, the attackers then leverage Ray’s native orchestration features to pivot laterally and distribute the malware to non-internet-facing nodes, establishing a self-replicating worm. The operation is designed to eliminate competing miners and establish persistence via a cron job, illustrating a sophisticated, multi-purpose botnet that is now also weaponized for denial-of-service attacks.

The image displays a detailed view of interconnected blue mechanical components. Predominantly, dark blue cylindrical units with central black and silver elements are visible, alongside a rectangular block featuring multiple circular ports

Parameters

  • Vulnerability Severity → 9.8 CVSS score – The maximum severity rating for the exploited authentication bypass flaw.
  • Vulnerability Age → Two years – The duration the critical flaw (CVE-2023-48022) has remained unpatched in the framework.
  • Malware Payload → XMRig – The specific cryptocurrency miner deployed on compromised GPU clusters.

The image presents a striking visual of a central white spherical element with an internal dark aperture, surrounded by flowing blue crystalline structures. Thin black strands emanate, connecting to additional white spheres, all set against a deep blue background

Outlook

Immediate mitigation requires administrators to patch the Ray framework to the latest version or implement strict network-level access controls to block external access to the Ray API. The second-order effect is a heightened scrutiny on all open-source AI/ML frameworks, establishing a new security best practice that dictates immediate, mandatory authentication for all internal cluster communication and API endpoints. This event underscores that compute-intensive, unauthenticated infrastructure will remain a primary target for cryptojacking operations.

This exploitation of a two-year-old, unpatched critical authentication flaw in a major AI framework proves that systemic security debt in core infrastructure is a persistent and highly profitable vector for large-scale cryptojacking operations.

Authentication flaw, open source security, supply chain risk, critical vulnerability, cryptojacking botnet, remote code execution, unpatched systems, AI infrastructure, GPU mining, lateral movement, self-propagating malware, API server exploit, high severity CVSS, system hijacking, compute resource theft Signal Acquired from → thehackernews.com

Micro Crypto News Feeds

ai infrastructure

Definition ∞ AI infrastructure refers to the foundational hardware and software components necessary for developing, training, and deploying artificial intelligence models.

vulnerability

Definition ∞ A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

code execution

Definition ∞ Code execution is the process by which a computer follows instructions written in a programming language.

framework

Definition ∞ A framework provides a foundational structure or system that can be adapted or extended for specific purposes.

malware

Definition ∞ Malware is malicious software designed to infiltrate and damage computer systems or steal sensitive information.

infrastructure

Definition ∞ Infrastructure refers to the fundamental technological architecture and systems that support the operation and growth of blockchain networks and digital asset services.

Tags:

Tags: