Attacker exploits misconfigured AI tool to run AI-generated payload
Blog post from Sysdig
A recent attack exploited a misconfigured system hosting Open WebUI, an AI interface for enhancing large language models (LLMs), allowing a threat actor to inject and execute malicious AI-generated code. The attacker uploaded a sophisticated Python script, leveraging Open WebUI's tool system to run cryptomining software on both Linux and Windows platforms while employing uncommon defense-evasion methods, including the processhider and argvhider tools. A Discord webhook was used for command and control. The incident highlights the growing use of AI in developing malware. The Sysdig Threat Research Team detected the attack and emphasizes the importance of runtime security and multi-layer threat detection for countering such complex threats. The incident also underscores the risks of exposing systems like Open WebUI to the internet without proper configuration and authentication, since attackers continuously scan for such misconfigurations.
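As an added example, not code from the Sysdig post or from Open WebUI: a small runtime check for the two evasion techniques named above (a processhider-style preloaded library and argvhider-style argv rewriting) applied to constructed Linux /proc-style process records. The record layout, directory lists and sample values are assumptions made for this illustration.

```python
"""Flag processhider-style library preloading and argv rewriting from /proc-style
process records. Added example with constructed records, not Sysdig's detection logic."""
import os
from dataclasses import dataclass, field

@dataclass
class ProcRecord:
    pid: int
    exe: str                 # target of /proc/<pid>/exe ("" for kernel threads)
    cmdline: list            # /proc/<pid>/cmdline split on NUL
    environ: dict            # /proc/<pid>/environ as key/value pairs
    maps: list = field(default_factory=list)  # file paths mapped in /proc/<pid>/maps

TRUSTED_LIB_DIRS = ("/lib", "/lib64", "/usr/lib", "/usr/lib64")   # assumed allow-list
TEMP_DIRS = ("/tmp/", "/dev/shm/", "/var/tmp/")                   # writable staging dirs

def preloaded_libs(p):
    """LD_PRELOAD entries plus shared objects mapped from temp dirs; the mapped-file
    check also catches /etc/ld.so.preload injection, where no env var is set."""
    libs = [l for l in p.environ.get("LD_PRELOAD", "").split(":") if l]
    libs += [m for m in p.maps if m.endswith(".so") and m.startswith(TEMP_DIRS)]
    return [l for l in dict.fromkeys(libs) if not l.startswith(TRUSTED_LIB_DIRS)]

def argv_mismatch(p):
    """True when argv[0] no longer resembles the executable actually running."""
    if not p.exe or not p.cmdline:
        return False                       # kernel thread or zombie: nothing to compare
    if p.cmdline[0].startswith("[") and p.cmdline[0].endswith("]"):
        return True                        # a user process posing as a kernel thread
    exe_name = os.path.basename(p.exe)
    argv0 = os.path.basename(p.cmdline[0])
    # Interpreters appear as python3 vs python3.11, so accept a prefix match either way.
    # Symlinked shells (sh -> dash) will still trip this and need an allow-list in practice.
    return not (exe_name.startswith(argv0) or argv0.startswith(exe_name))

def assess(p):
    """Return human-readable findings for one process record (empty list = clean)."""
    findings = []
    if (libs := preloaded_libs(p)):
        findings.append("preloaded library outside system dirs: " + ", ".join(libs))
    if argv_mismatch(p):
        findings.append(f"argv[0] {p.cmdline[0]!r} does not match exe {p.exe!r}")
    return findings

# Constructed records: a normal application worker, and a miner hidden the way the post describes.
WORKER = ProcRecord(4242, "/usr/bin/python3.11", ["python3", "-m", "uvicorn"],
                    {"PATH": "/usr/bin"}, ["/usr/lib/x86_64-linux-gnu/libc.so.6"])
MINER = ProcRecord(5151, "/tmp/.cache/miner", ["[kworker/u8:2]"],
                   {"LD_PRELOAD": "/tmp/.cache/libprocesshider.so"},
                   ["/tmp/.cache/libprocesshider.so", "/usr/lib/x86_64-linux-gnu/libc.so.6"])
```

On a live host the same checks can be fed from /proc directly; the prefix rule for argv[0] is deliberately loose and should be tuned against a baseline of the host's normal processes.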