**Hackers Target Misconfigured Proxies to Break into LLM Services**
The dark web has become increasingly hostile, with hackers employing new tactics to breach top Large Language Model (LLM) services. According to experts, malicious actors are exploiting misconfigured proxies in their pursuit of these highly sensitive systems.
Researchers at GreyNoise recently conducted an experiment that highlighted the scope of this threat. Between October 2025 and January 2026, they set up a fake AI system designed to mimic a genuine LLM service. The purpose was to see who would try to interact with it, revealing the tactics hackers employ to gain unauthorized access.
Between these dates, GreyNoise recorded an astonishing 91,000+ attack sessions against their fake AI system. This data exposed not one but two distinct attack campaigns launched by malicious actors. The first campaign involved a threat actor attempting to trick AI servers into connecting to a server under their control. They abused features like model downloads or webhooks, causing the server to "phone home" without the owner's knowledge.
The attackers would then patiently watch for callbacks to confirm if the underlying system was vulnerable to exploitation. This approach was particularly insidious, as it allowed them to operate undetected for an extended period.
The second campaign revealed a more sophisticated strategy employed by hackers. Two IP addresses repeatedly hammered exposed AI endpoints tens of thousands of times in a matter of weeks. The goal here wasn't immediate breaching but rather mapping the availability and configuration details of various LLM services.
The attackers used simple questions, such as "How many states are there in the US," to determine which AI model was being utilized without triggering any alarms. They systematically tested OpenAI-style APIs, Google Gemini formats, and dozens of major model families, targeting proxies or gateways that inadvertently exposed paid or internal AI access.
GreyNoise also sought to verify whether these attacks were carried out by a hobbyist or a cybersecurity researcher rather than a malicious actor. Their investigation revealed that the infrastructure used in this campaign had been linked to real-world vulnerability exploitation in the past and peaked during the Christmas break, further confirming its nefarious intent.
GreyNoise's findings underscored the urgent need for LLM services to address misconfigured proxies: "OAST callbacks are standard vulnerability research techniques. But the scale and Christmas timing suggest grey-hat operations pushing boundaries." Moreover, the researchers observed that these same servers had previously been used to scan hundreds of CVEs.
**The Dangers of Misconfigured Proxies**
Misconfigured proxies have become a significant vulnerability in LLM services, allowing hackers to gain unauthorized access. In this article, we will delve into the specifics of this issue and highlight its consequences.
Learn more about the best antivirus software for your business and stay ahead of emerging threats in cybersecurity.
About the Author:
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). With over a decade of experience, he has contributed to numerous media outlets, including Al Jazeera Balkans.
Stay ahead in the world of technology with TechRadar Pro's latest news, opinion, features, and guidance. Sign up for our newsletter today and ensure you don't miss a beat!
Follow us on social media to stay informed about the latest developments in IT and cybersecurity:
Subscribe to our newsletter for the latest news, reviews, and insights from the world of technology.