As noted by Bleeping Computer, a significant cybercrime operation dubbed "Bizarre Bazaar" is actively exploiting exposed large language model (LLM) service endpoints to monetize unauthorized access to AI infrastructure. This campaign represents one of the first documented instances of "LLMjacking" attributed to a specific threat actor, according to Pillar Security, which discovered the operation. The Bizarre Bazaar campaign targets weakly protected LLM infrastructure, including self-hosted setups, unauthenticated APIs, and development environments. Attackers exploit misconfigurations, such as unprotected Ollama endpoints on port 11434 and OpenAI-compatible APIs on port 8000. The campaign's objectives include stealing computing resources for cryptocurrency mining, reselling API access on darknet markets, exfiltrating sensitive data from prompts and conversation history, and attempting lateral movement into internal systems via Model Context Protocol (MCP) servers. Pillar Security researchers observed over 35,000 attack sessions in 40 days, indicating a sophisticated operation involving multiple threat actors.The Bizarre Bazaar campaign highlights the growing risks associated with unsecured AI infrastructure, leading to significant costs, data breaches, and potential system compromise. The monetization of stolen API access on darknet markets underscores the evolving threat landscape.Source: Bleeping Computer
Data Security, AI/ML, Threat Intelligence
‘Bizarre Bazaar’ campaign exploits exposed LLM endpoints

(Adobe Stock)
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



