Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and allow sports activities piracy utilizing stay streaming seize instruments.
The assaults contain the hijack of unauthenticated Jupyter Notebooks to determine preliminary entry, and carry out a sequence of actions designed to facilitate unlawful stay streaming of sports activities occasions, Aqua mentioned in a report shared with The Hacker Information.
The covert piracy marketing campaign inside interactive environments extensively used for knowledge science purposes was found by the cloud safety agency following an assault towards its honeypots.
“First, the attacker up to date the server, then downloaded the instrument FFmpeg,” Assaf Morag, director of risk intelligence at cloud safety agency Aqua. “This motion alone will not be a robust sufficient indicator for safety instruments to flag malicious exercise.”
“Subsequent, the attacker executed FFmpeg to seize stay streams of sports activities occasions and redirected them to their server.”
In a nutshell, the tip purpose of the marketing campaign is to obtain FFmpeg from MediaFire and use it to file stay sports activities occasions feeds from the Qatari beIN Sports activities community and duplicate the printed on their unlawful server through ustream[.]television.
It isn’t clear who’s behind the marketing campaign, though there are indications that they could possibly be of Arab-speaking origin owing to one of many IP addresses used (41.200.191[.]23).
“Nonetheless, it is essential to keep in mind that the attackers gained entry to a server supposed for knowledge evaluation, which may have severe penalties for any group’s operations,” Morag mentioned.
“Potential dangers embody denial-of-service, knowledge manipulation, knowledge theft, corruption of AI and ML processes, lateral motion to extra crucial environments, and, within the worst-case state of affairs, substantial monetary and reputational injury.”
