Threat actors are actively seeking misconfigured proxy servers to gain access to large language model (LLM) services. A campaign initiated in December has targeted over 73 LLM endpoints, generating 80,000 sessions using low-noise prompts to avoid detection. According to GreyNoise, two distinct operations have been identified, with one utilizing server-side request forgery (SSRF) vulnerabilities to manipulate server connections, likely operated by security researchers leveraging vulnerability assessment tools.
The second campaign, starting December 28, aimed to catalog exposed LLM endpoints, generating significant enumeration request activity across various models, including OpenAI and Google Gemini. GreyNoise indicates these operations suggest malicious intent, though no exploitation or data theft has been reported. To counter these threats, organizations should implement security measures such as restricting model pulls, applying egress filtering, and monitoring for suspicious network fingerprints. Adopting these strategies is vital to safeguard LLM services from potential breaches.
Source link
