Darktrace honeypots captured a campaign where attackers leveraged AI-generated malware to target React2Shell vulnerability in exposed Docker environments. The React2Shell AI malware featured extensively commented Python scripts, hallmarks of LLM output framed as educational tools.
This lowers entry barriers for cryptomining operations, compromising container resource availability and integrity in cloud setups. “Vibecoding” enables rapid custom exploit development by novices, shifting attack dynamics toward behavioral evasion over traditional obfuscation.
Attack Sequence
Intruders probed unauthenticated Docker APIs on “CloudyPots” network, spawning “python-metrics-collector” containers mimicking legitimate telemetry services. Startup commands sequentially installed curl, wget, and python3 utilities. These fetched dependency lists from Pastebin at hxxps://pastebin[.]com/raw/Cce6tjHM, then executed primary scripts hosted at smplu[.]link/dockerzero. The URL redirected to a now-banned GitHub Gist under “hackedyoulol,” delivering the core exploit payload exploiting React2Shell for remote shell access.
Malware Characteristics
Analysis via GPTZero detected 76% AI generation probability, evidenced by verbose inline comments and preamble stating “Network Scanner with Exploitation Framework – Educational/Research Purpose Only.” Such disclaimers suggest jailbreaking safety-aligned LLMs through research framing.
Code structure employed clean Next.js server components to trigger exceptions, surfacing command outputs central to React2Shell mechanics. Unlike human malware’s brevity and packing, this payload prioritized readability, complicating static signature defenses.
No CVE documented for the Docker daemon exposure enabling React2Shell.
Campaign Metrics
Final payloads deployed XMRig miner version 6.21.0 targeting supportxmr Monero pool. Wallet tracking revealed 91 successful infections yielding 0.015 XMR, approximately £5 value. Low financial return highlights scalability for low-skill operators rather than high-profit motives.
Indicators consolidated below.
| Indicator Type | Value |
|---|---|
| Spreader IP | 49.36.33.11 |
| Pastebin URL | hxxps://pastebin[.]com/raw/Cce6tjHM |
| Malware Domain | smplu[.]link/dockerzero |
| SHA256 Hash 1 | 594ba70692730a7086ca0ce21ef37ebfc0fd1b0920e72ae23eff00935c48f15b |
| SHA256 Hash 2 | d57dda6d9f9ab459ef5cc5105551f5c2061979f082e0c662f68e8c4c343d667d |
Defensive Implications
Absence of self-propagating worm logic indicates remote spreading from Indian residential IP 49.36.33.11, likely via centralized server or proxy automation. LLM variability undermines hash-based detection, favoring anomaly monitoring of container spawns, unusual package fetches, and mining processes. Docker authentication remains foundational mitigation.
The React2Shell AI malware campaign demonstrates AI bridging skill gaps, enabling persistent resource hijacking despite marginal gains. Darktrace stresses behavioral defenses and configuration hardening against LLM-augmented threats proliferating in containerized environments.
No Comment! Be the first one.