The Akamai Security Intelligence Response Team has identified a sophisticated P2P cryptominer malware threat targeting AI environments. The malware exploits vulnerabilities in large language model ports and uses automated API requests to covertly hijack processing power. Its key techniques are entry scripts that execute without leaving traces on disk, a fileless architecture for evasion, and persistent processes that restart automatically.
Recommendations for organizations include enhancing host monitoring systems, inspecting outbound traffic, and blocking unauthorized data flows to mitigate the risks posed by this stealthy malware.
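One way to turn the host-monitoring and outbound-traffic recommendations into a check, as an added example that is not taken from Akamai's report: it correlates the three behaviours named above (fileless execution, automatic restart, unapproved egress) across periodic process snapshots. It assumes Linux hosts; the record fields, the allowlist and all sample data are constructed for illustration.

```python
from collections import defaultdict

# Assumption: Linux. readlink(/proc/<pid>/exe) reports "/memfd:<name> (deleted)"
# for memory-backed code and "<path> (deleted)" for a binary unlinked after launch.
def is_fileless(exe):
    return exe.startswith("/memfd:") or exe.endswith(" (deleted)")

def flag_suspects(snapshots, allowed_dests):
    """snapshots: process lists collected at intervals by a host agent.
    Each process: {"pid", "exe", "cmdline", "remotes": [(ip, port), ...]}."""
    pids = defaultdict(set)     # cmdline -> PIDs seen across snapshots
    reasons = defaultdict(set)  # cmdline -> why it was flagged
    for snap in snapshots:
        for p in snap:
            key = p["cmdline"]
            pids[key].add(p["pid"])
            if is_fileless(p["exe"]):
                reasons[key].add("fileless")
            if any(r not in allowed_dests for r in p["remotes"]):
                reasons[key].add("unapproved-egress")
    for key, seen in pids.items():
        # Same command line under a new PID between snapshots means something
        # keeps restarting it; only report that for already-suspicious processes.
        if len(seen) > 1 and reasons[key]:
            reasons[key].add("respawned")
    return {k: sorted(v) for k, v in reasons.items() if v}

# Constructed sample data (documentation IP ranges, hypothetical process names).
ALLOWED = {("192.0.2.10", 443)}
SNAPSHOTS = [
    [{"pid": 812, "exe": "/usr/bin/python3.11", "cmdline": "python3 serve_model.py",
      "remotes": [("192.0.2.10", 443)]},
     {"pid": 4021, "exe": "/memfd:a (deleted)", "cmdline": "svc-helper",
      "remotes": [("203.0.113.77", 9000)]}],
    [{"pid": 812, "exe": "/usr/bin/python3.11", "cmdline": "python3 serve_model.py",
      "remotes": [("192.0.2.10", 443)]},
     {"pid": 4390, "exe": "/memfd:a (deleted)", "cmdline": "svc-helper",
      "remotes": [("203.0.113.77", 9000)]}],
]

if __name__ == "__main__":
    for cmd, why in flag_suspects(SNAPSHOTS, ALLOWED).items():
        print(cmd, why)
```

Requiring more than one signal before alerting keeps legitimate cases, such as a package upgrade that replaces a running binary, from paging on the "(deleted)" marker alone.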