About this actor
[ShadowRay](https://attack.mitre.org/campaigns/C0045) was a campaign that began in late 2023 targeting the education, cryptocurrency, biopharma, and other sectors through a vulnerability (CVE-2023-48022) in the Ray AI framework named ShadowRay. According to security researchers [ShadowRay](https://attack.mitre.org/campaigns/C0045) was the first known instance of AI workloads being activley exploited in the wild through vulnerabilities in AI infrastructure. CVE-2023-48022, which allows access to compute resources and sensitive data for exposed instances, remains unpatched and has been disputed by the vendor as they maintain that Ray is not intended for use outside of a strictly controlled network environment.(Citation: Oligo ShadowRay Campaign MAR 2024)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
CM-6 | 10 / 16 | 62% |
SI-3 | 10 / 16 | 62% |
CM-2 | 9 / 16 | 56% |
SI-4 | 9 / 16 | 56% |
AC-3 | 8 / 16 | 50% |
AC-6 | 8 / 16 | 50% |
SI-7 | 8 / 16 | 50% |
AC-2 | 7 / 16 | 44% |
CA-7 | 7 / 16 | 44% |
SI-2 | 7 / 16 | 44% |
CM-7 | 6 / 16 | 38% |
CM-5 | 5 / 16 | 31% |
AC-4 | 4 / 16 | 25% |
AC-5 | 4 / 16 | 25% |
IA-2 | 4 / 16 | 25% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Whitefly 0.35
- Metador 0.29
- Blue Mockingbird 0.24
- Moses Staff 0.24
- C0018 0.20