ACCORDING to Pillar Security, an LLMjacking operation dubbed Operation Bizarre Bazaar is targeting exposed LLM and MCP endpoints at scale for commercial monetization, primarily impacting self-hosted LLM infrastructure with exposed default ports, unauthenticated APIs, development environments, and MCP servers.
The operation involves three interconnected entities: a scanner that searches for exposed systems, a validator tied to silver[.]inc that checks identified endpoints, and a marketplace called The Unified LLM API Gateway, controlled by silver[.]inc, which offers access to over 30 LLMs and is hosted on bulletproof infrastructure in the Netherlands.
Pillar notes that identified targets are validated within 2 to 8 hours after scanning, and attackers are seen enumerating model capabilities and assessing response quality, with over 35,000 attack sessions observed and an average of 972 attacks per day. The campaign is run by a threat actor using the moniker Hecker, also known as Sakuya and LiveGamer101, with links to the nexeonai[.]com service, and separate reconnaissance appears to focus on MCP servers, contributing to 60% of total attack traffic by late January.