Data Security, AI/ML, Threat Intelligence

‘Bizarre Bazaar’ campaign exploits exposed LLM endpoints

LLM technology integrated into complex circuit board with illuminated traces and central processing unit

As noted by Bleeping Computer, a significant cybercrime operation dubbed "Bizarre Bazaar" is actively exploiting exposed large language model (LLM) service endpoints to monetize unauthorized access to AI infrastructure. This campaign represents one of the first documented instances of "LLMjacking" attributed to a specific threat actor, according to Pillar Security, which discovered the operation. 

The Bizarre Bazaar campaign targets weakly protected LLM infrastructure, including self-hosted setups, unauthenticated APIs, and development environments. Attackers exploit misconfigurations, such as unprotected Ollama endpoints on port 11434 and OpenAI-compatible APIs on port 8000. The campaign's objectives include stealing computing resources for cryptocurrency mining, reselling API access on darknet markets, exfiltrating sensitive data from prompts and conversation history, and attempting lateral movement into internal systems via Model Context Protocol (MCP) servers. Pillar Security researchers observed over 35,000 attack sessions in 40 days, indicating a sophisticated operation involving multiple threat actors.

The Bizarre Bazaar campaign highlights the growing risks associated with unsecured AI infrastructure, leading to significant costs, data breaches, and potential system compromise. The monetization of stolen API access on darknet markets underscores the evolving threat landscape.

Source: Bleeping Computer

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds