Researchers at Pillar Security observed over 35,000 attack sessions in 40 days targeting exposed LLM endpoints in a large-scale campaign they named “Bizarre Bazaar.” The operation monetizes unauthorized access—using cryptomining, reselling API access via SilverInc/NeXeonAI, exfiltrating prompts, and attempting lateral movement through MCP servers. #BizarreBazaar #SilverInc
Keypoints
- Pillar Security recorded more than 35,000 attacks over 40 days on exposed LLM endpoints.
- The “Bizarre Bazaar” campaign monetizes access via cryptomining, API resale, and data exfiltration.
- Attackers exploit misconfigurations like unauthenticated Ollama endpoints (port 11434) and OpenAI-compatible APIs (port 8000).
- A three-actor supply chain scans, validates, and resells access through a service marketed as SilverInc/NeXeonAI.
- Compromised LLM and MCP endpoints can cause costly inference abuse and enable lateral movement into internal systems.