Threat Research

The Invisible Battlefield Behind LLM Security Crisis – NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

iocOne
The Invisible Battlefield Behind LLM Security Crisis – NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
EXTRACT IOC
This article discusses a series of data breaches involving large language models (LLMs) that occurred between January and February 2025. These incidents highlighted vulnerabilities in the deployment of LLMs across enterprises, resulting in extensive data leaks including API keys, user credentials, and sensitive information. The incidents serve as a wake-up call regarding “AI-driven risks” and underscore the need for improved security practices. Affected: DeepSeek, OmniGPT, global enterprises

Keypoints :

  • Open-source LLMs like DeepSeek and Ollama are being rapidly deployed by enterprises, increasing data security risks.
  • Five significant data breaches occurred from January to February 2025, leading to extensive leakage of sensitive data.
  • Security measures in the AI technology space require urgent attention to prevent similar incidents.
  • Improper database configuration, malicious package uploads, compromised user credentials, and the exploitation of vulnerabilities were key issues identified in these breaches.
  • The incidents demonstrate the impact of human error and configuration flaws in cloud security.

MITRE Techniques :

  • T1590 – Collects victim network information through domain name resolution.
  • T1046 – Web Service Discovery to determine open ports and services.
  • T1106 – Native Interface exploitation using the ClickHouse API.
  • T1567 – Data leakage through web services using ClickHouse API.
  • T1593.003 – Searching publicly available Python dependency repositories on PyPI.
  • T1195.002 – Malware wrapped as Python dependency; uploaded to PyPI causing supply chain attacks.
  • T1059.006 – Malicious code embedded in packages revealing environment variables and credentials.
  • T1586 – Leakage of cloud accounts through vulnerability exploitation.
  • T1071.001 – Accessing sensitive data via HTTP/S protocols.
  • T1496 – Exploiting resource hijacking through LLM injection attacks.

Indicator of Compromise :

  • [Domain] dev.deepseek.com:8123
  • [Domain] oauth2callback.deepseek.com:9000
  • [Domain] dev.deepseek.com:9000
  • [Domain] oauth2callback.deepseek.com:8123
  • [Domain] commoncrawl.org (indicating exposure in the data set)

Full Story: https://nsfocusglobal.com/the-invisible-battlefield-behind-llm-security-crisis/

Views: 24

Tags: CHINA, PAYLOAD, PRIVILEGE, SOCIAL ENGINEERING, LEAK, CVE, MOBILE, CLOUD