March 27, 2024 at 08:48AM
Attackers have been exploiting a missing authentication vulnerability in the Ray AI framework, allowing them to compromise hundreds of clusters. The issue, identified as CVE-2023-48022, enables the submission of arbitrary system commands and access to sensitive information. Oligo reports numerous compromised clusters, including potential cryptomining and unauthorized access to cloud services.
Based on the meeting notes, the key takeaways are as follows:
– Attackers have been exploiting a missing authentication vulnerability (CVE-2023-48022) in the Ray AI framework to compromise hundreds of clusters, leading to significant data breaches and potential access to sensitive information.
– Anyscale, the maintainer of the Ray framework, has intentionally not included authentication in its default configuration, putting the onus on users to enforce security and isolation outside the cluster.
– Oligo, the application security firm, has observed the exploitation of the vulnerability, resulting in the compromise of Ray clusters and the theft of various sensitive information, including AI production workload data, database credentials, password hashes, SSH keys, and tokens from renowned AI platforms such as OpenAI, HuggingFace, and Stripe.
– The compromised clusters also exposed Kubernetes API access and Slack tokens, allowing the attackers to potentially gain unauthorized access to cloud services and customer data.
– Oligo discovered that the attackers installed cryptominers and reverse shells for persistent access, with the breach likely starting before the vulnerability was disclosed in November 2023.
– The security firm believes that the threat actors are part of a well-established hacking group and have managed to evade detection using the Interactsh open-source service for connection requests, taking advantage of the disputed nature of the exploited vulnerability.
These takeaways highlight the seriousness of the situation, the impact on affected organizations, and the potential risks associated with the exploitation of the Ray AI framework vulnerability. It is essential for organizations to be aware of these developments and take appropriate measures to secure their Ray clusters and mitigate any potential threats.