Monday 06 July 2026 01:56:03 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

Breaches & Data Leaks

AI Tools Turned into Cyber Weapons: OpenWebUI Servers Breached in Global Data Heist

Published: 19 March 2026 11:32Category: Breaches & Data LeaksAuthor: AUDITWOLF

Subtitle: Misconfigured OpenWebUI servers worldwide have been hijacked with AI-powered malware, leading to widespread data theft and cryptomining attacks.

It started with a simple oversight: an admin forgot to set a password. That single slip has now opened the floodgates to a new breed of cyberattack, one where artificial intelligence doesn’t just answer questions-it steals secrets and mines cryptocurrency. Across the globe, thousands of OpenWebUI servers, designed to make AI accessible and friendly, have instead become hosts for sophisticated malware, all because of a dangerous misconfiguration.

Fast Facts

  • Over 17,000 OpenWebUI servers were found exposed online, many with admin access left unprotected.
  • Attackers injected heavily obfuscated, AI-generated Python scripts through the platform’s plugin system.
  • Linux systems were hijacked for cryptomining, while Windows machines faced advanced credential theft.
  • Malware used stealth tools to hide itself and evade detection on both operating systems.
  • Discord webhooks served as command-and-control channels for attackers to exfiltrate stolen data.

Inside the AI-Powered Breach

The campaign, uncovered by Sysdig’s threat research team, exploited one of the most common-and dangerous-security failures: leaving powerful systems exposed to the internet with no authentication. OpenWebUI, a self-hosted interface for large language models, became the perfect target. Attackers didn’t need zero-day exploits or sophisticated phishing campaigns. They simply scanned for open doors.

Once inside, the attackers abused the platform’s plugin system to upload malicious Python scripts. These scripts weren’t just any malware-they were obfuscated 64 times over, likely with the help of artificial intelligence, and tailored for maximum stealth. The payloads acted differently depending on the operating system.

On Linux, the focus was cryptojacking: the malware hid itself deep within the system, downloaded popular mining tools like T-Rex and XMRig, and siphoned off computing power to mine Monero and Kawpow. To keep the operation invisible, attackers deployed two custom C programs-one to make the mining process vanish from system monitors, and another to scrub any evidence from memory.

On Windows, the operation escalated. The malware downloaded the Java Development Kit and a rogue JAR file, then pivoted to credential theft. It targeted browser extensions and Discord credentials, using advanced sandbox evasion techniques to stay undetected. All stolen data and mined coins funneled back to the attackers via Discord webhooks.

The entire attack chain required no software vulnerabilities-just a lack of basic security hygiene. And with AI now writing and obfuscating the code, the barrier for launching such attacks has never been lower.

Lessons from the Breach

As AI tools become more embedded in enterprise infrastructure, their security can no longer be an afterthought. This breach is a stark reminder: even the most advanced technology is only as strong as its weakest configuration. Organizations must lock down admin interfaces, enforce authentication, and monitor for stealthy behaviors like memory manipulation and hidden mining. In the age of AI, complacency is the ultimate vulnerability.

WIKICROOK

  • OpenWebUI: OpenWebUI is a self-hosted web interface that lets users interact securely with large language models on their own servers, protecting sensitive data.
  • Cryptojacking: Cryptojacking is when hackers secretly use your device to mine cryptocurrency, slowing it down and increasing electricity costs without your knowledge.
  • Obfuscation: Obfuscation is the practice of disguising code or data to make it difficult for humans or security tools to understand, analyze, or detect.
  • LD_PRELOAD: LD_PRELOAD lets users load custom libraries to override functions in existing Unix programs, enabling debugging, monitoring, or feature changes without altering original code.
  • Discord Webhook: A Discord Webhook is a special URL that lets apps automatically send messages or data to a Discord channel, often used for alerts or integrations.