Tags: model extraction

Google’s Threat Tracker report reveals that hackers are conducting "distillation attacks" by flooding the Gemini AI model with more than 100,000 prompts to steal its underlying technology. The attempts appear to originate from actors in North Korea, Russia and China and are classified as model extraction attacks, where adversaries probe a mature machine‑learning system to replicate its capabilities. While Google says the activity does not threaten end users directly, it poses a serious risk to service providers and AI developers whose models could be copied and repurposed. The report highlights a growing wave of AI‑focused theft and underscores the need for stronger defenses in the rapidly evolving AI landscape. Ler mais

Cisco Talos identified more than 1,100 Ollama servers publicly reachable on the internet, many of which lack proper security controls. While roughly 80% of the servers are dormant, the remaining 20% host active language models that could be exploited for model extraction, jailbreaking, backdoor injection, and other attacks. The majority of exposed instances are located in the United States, followed by China and Germany, underscoring a widespread neglect of basic security practices such as access control and network isolation in AI deployments. Ler mais