
Crypto‑Jacking Hits DevOps & AI Tools

Posted: Tue Jun 24, 2025 8:24 am
by umair
A new cryptojacking campaign, known as JINX-0132, is targeting vulnerable DevOps and AI infrastructure. Security researchers have revealed that the attackers are exploiting misconfigured systems such as Nomad, Consul, Docker, Gitea, and Open WebUI to deploy cryptocurrency mining software without detection.

Unlike traditional malware attacks, this campaign uses legitimate tools and public GitHub repositories to run its operations. This makes it difficult for antivirus and security tools to identify the threat. In some incidents, attackers gained access to unsecured Open WebUI instances—open-source interfaces used for AI interactions—and uploaded malicious Python scripts. These scripts downloaded mining software like T-Rex and XMRig, set up persistence on the machine, and even used Discord webhooks for remote command and control.

On Windows systems, the situation worsened with added payloads that could steal credentials from Discord and various crypto wallets. The attackers relied on common misconfigurations: unauthenticated APIs, exposed default settings, and lack of proper access control. For example, Docker APIs allowed full system control, and Nomad's job submission endpoints were left open to the public.

According to recent estimates, about 25% of cloud-based environments use at least one of the affected tools. Alarmingly, 5% of these systems are directly exposed to the internet, and over 30% of those are misconfigured—making them prime targets for attacks like JINX-0132.

To defend against such threats, experts recommend securing all public interfaces, enforcing strong authentication, disabling unnecessary endpoints, and applying the latest security patches. Teams must treat DevOps and AI interfaces with the same security rigor as production systems. This includes monitoring for abnormal activity, using firewalls, and conducting regular vulnerability scans to reduce exposure and prevent unauthorized mining operations.