Hackers Exploit Ray AI Framework in Ongoing Cryptojacking Attacks
• Researchers discovered ongoing attacks targeting Ray AI framework, allowing hackers to tamper with models and steal credentials.
• Attacks have been active for 7+ months, targeting thousands of servers with AI workloads.
• Hackers are installing crypto miners on compromised servers and stealing network credentials.
• Ray developer Anyscale disputes that this is a vulnerability, but critics say this prevents security tools from detecting attacks.
• Attacks show importance of properly configuring Ray instances to prevent external access.