Ultralytics, a renowned artificial intelligence firm, was compromised by cyber attackers who hijacked its AI model to distribute cryptomining malware. As a result, thousands of systems were infected without their users' knowledge, and their computing resources were used to mine cryptocurrency for the attackers. The malware spread rapidly, primarily affecting users who believed they were downloading legitimate AI software updates. The incident not only caused financial damage through the illicit use of resources but also tainted Ultralytics' reputation for secure and reliable software.
Source: https://securityaffairs.com/171794/malware/security-affairs-malware-newsletter-round-23.html
TPRM report: https://scoringcyber.rankiteo.com/company/ultralytics
"id": "ult000120924",
"linkid": "ultralytics",
"type": "Vulnerability",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 'Thousands',
'industry': 'Artificial Intelligence',
'name': 'Ultralytics',
'type': 'Company'}],
'attack_vector': 'Malicious Software Update',
'impact': {'brand_reputation_impact': 'Significant',
'systems_affected': 'Thousands'},
'initial_access_broker': {'entry_point': 'AI Model Update'},
'motivation': 'Financial Gain',
'title': 'Cryptomining Malware Infection via AI Model Hijacking',
'type': 'Malware',
'vulnerability_exploited': 'Trust in AI Model Updates'}