绑架Llobin, 网络威胁盗用AI模型访问, 击中DeepSeek, 突出暴露的API证书的风险。 LLMjacking, a cyber threat stealing AI model access, hits DeepSeek, highlighting risks of exposed API credentials.

以大型语言模式为对象的网络威胁Llobking, DeepSeek是中国开发的流行的AI模式, LLMjacking, a cyber threat targeting large language models, has been growing rapidly, with DeepSeek, a popular Chinese-developed AI model, being the latest victim. 攻击者在未经许可的情况下盗用AI模型的API证书,给合法使用者造成财政损失。 Attackers steal API credentials to run AI models without permission, causing financial losses to legitimate users. 被盗证经常在黑暗的网络市场上出售,攻击者利用Discoord和4chan等论坛分享技术。 Stolen credentials are often sold on dark web markets, and attackers use forums like Discord and 4chan to share techniques. 为打击这种现象,各组织必须利用管理工具取得证书,使用临时出入钥匙,监测异常活动,并定期扫描暴露的证书。 To combat this, organizations must secure credentials with management tools, use temporary access keys, monitor for abnormal activity, and regularly scan for exposed credentials.