
New LLMjacking Attack Allows Hackers to Hijack AI Models for Profit


The world of artificial intelligence (AI) is constantly evolving, opening up new possibilities for innovation and advancement. However, along with these advancements come new risks and threats. Recently, the Sysdig Threat Research Team (TRT) uncovered a new cyberattack scheme known as LLMjacking, shedding light on the dangers posed by sophisticated cybercriminals.

According to research by Sysdig security researcher Alessandro Brucato, the attackers break into systems running outdated software, take the cloud credentials they find there, and use those stolen credentials to reach Large Language Models (LLMs) hosted by cloud providers. In this way they gain access to the powerful capabilities of the LLMs, and the resulting consumption can carry significant financial consequences for the victims.

Prior to the release of the research, attackers had already compromised LLM access across a range of AI services, including Anthropic, AWS Bedrock, Google Cloud Vertex AI, Mistral, and OpenAI. In one instance, the attackers targeted Anthropic's Claude (v2/v3) models by breaching a vulnerable Laravel Framework system and obtaining AWS credentials through a known vulnerability (CVE-2021-3129). Using an open-source Python script, they then accessed the compromised accounts and made use of the LLM capabilities behind them.

What sets LLMjacking apart from traditional cyberattacks is the motive behind it. Unlike typical attacks focused on data theft or disruption, LLMjacking is primarily driven by profit: the goal of the attackers is not to steal the data stored within the LLMs but to sell access to the AI models' capabilities to other criminals. This shift in focus highlights the increasing sophistication of cybercriminals and the need for enhanced security measures.

Researchers discovered that the attackers manipulate logging settings in the compromised environments so that their use of the stolen LLM access goes unnoticed. This level of sophistication showcases the evolving tactics cybercriminals employ to avoid detection and maximize their impact. The potential financial ramifications of these attacks are significant, with victims facing substantial costs for LLM consumption they never authorized.

In response to this emerging threat, Sysdig recommends a comprehensive approach to securing AI systems. This includes robust vulnerability and secrets management practices, as well as Cloud Security Posture Management (CSPM) or Cloud Infrastructure Entitlement Management (CIEM) solutions to minimize permissions and prevent unauthorized access. By taking proactive measures to secure AI systems, organizations can reduce their exposure to attacks like LLMjacking.
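As an added defender-side example that is not from the article or from Sysdig's research, the script below shows how the two previous points translate into a concrete check over audit logs: it flags changes to the model-invocation logging configuration (the kind of tampering the researchers describe) and then flags every model invocation by a principal that made such a change, while also counting invocations per principal as a cost signal. It assumes CloudTrail-style event records; the Bedrock API names are real AWS action names, but the account id, ARNs, IP addresses, timestamps and model id in the sample events are constructed for this example.

```python
from collections import Counter

# Constructed sample events in a simplified CloudTrail shape; these are not
# real logs. The Bedrock API names are real AWS action names, while the
# account id, ARNs, IP addresses, timestamps and model id are made up.
SAMPLE_EVENTS = [
    {"eventTime": "2024-05-06T10:00:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "GetModelInvocationLoggingConfiguration",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2024-05-06T10:01:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "DeleteModelInvocationLoggingConfiguration",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2024-05-06T10:02:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "InvokeModel",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"modelId": "anthropic.claude-v2"}},
    {"eventTime": "2024-05-06T10:03:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "InvokeModel",
     "userIdentity": {"arn": "arn:aws:sts::123456789012:assumed-role/app-backend/i-0abc"},
     "sourceIPAddress": "10.0.2.15",
     "requestParameters": {"modelId": "anthropic.claude-v2"}},
    {"eventTime": "2024-05-06T10:04:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "InvokeModel",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"modelId": "anthropic.claude-v2"}},
    {"eventTime": "2024-05-06T10:05:00Z", "eventSource": "bedrock.amazonaws.com",
     "eventName": "InvokeModel",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"modelId": "anthropic.claude-v2"}},
    {"eventTime": "2024-05-06T10:06:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci-deploy"},
     "sourceIPAddress": "203.0.113.10"},
]

# Bedrock API calls that change where, or whether, model invocations are logged.
LOGGING_TAMPER_APIS = {
    "DeleteModelInvocationLoggingConfiguration",
    "PutModelInvocationLoggingConfiguration",
}


def analyze(events):
    """Return findings for Bedrock logging tampering and subsequent model use.

    Rule 1: any change to the model-invocation logging configuration is flagged.
    Rule 2: every InvokeModel by a principal that earlier changed that
            configuration is flagged, because those calls may be missing from
            the invocation logs a defender would normally rely on.
    """
    findings = []
    tampered_at = {}  # principal ARN -> time of its first logging change
    for ev in sorted(events, key=lambda e: e["eventTime"]):
        if ev["eventSource"] != "bedrock.amazonaws.com":
            continue
        principal = ev["userIdentity"]["arn"]
        if ev["eventName"] in LOGGING_TAMPER_APIS:
            tampered_at.setdefault(principal, ev["eventTime"])
            findings.append({"rule": "bedrock_logging_config_change",
                             "principal": principal, "time": ev["eventTime"],
                             "api": ev["eventName"], "ip": ev["sourceIPAddress"]})
        elif ev["eventName"] == "InvokeModel" and principal in tampered_at:
            findings.append({"rule": "invoke_after_logging_change",
                             "principal": principal, "time": ev["eventTime"],
                             "model": ev.get("requestParameters", {}).get("modelId"),
                             "ip": ev["sourceIPAddress"]})
    return findings


def invocations_by_principal(events):
    """Count InvokeModel calls per principal; a sudden spike is the cost signal."""
    return Counter(ev["userIdentity"]["arn"] for ev in events
                   if ev["eventSource"] == "bedrock.amazonaws.com"
                   and ev["eventName"] == "InvokeModel")


if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS):
        print(finding)
    print(invocations_by_principal(SAMPLE_EVENTS))
```

Run against the constructed sample, the script reports the deletion of the logging configuration by the `ci-deploy` user and the three invocations that user made afterwards, while the `app-backend` role's single invocation is left alone. The same two rules apply unchanged to a real CloudTrail export, and the per-principal counts give the consumption baseline that makes a billing spike from stolen credentials stand out.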

The discovery of LLMjacking serves as a stark reminder of the ever-present threat posed by cybercriminals in the rapidly evolving landscape of artificial intelligence. As technology continues to advance, it is essential for organizations to remain vigilant and proactive in combating emerging threats and safeguarding their valuable assets. By staying informed and implementing effective security measures, businesses can mitigate the risks associated with AI-related cyberattacks and protect their critical data and resources.
