Langflow RCE Exploited for Monero Miner Deployment on Exposed AI Endpoints
Threat actors exploit CVE-2026-33017 in Langflow to deploy Monero miners, terminate competing cryptojacking processes, and establish persistence across SSH-accessible hosts.
Attack Brief
Target: Langflow AI application endpoints
Vector: Unauthenticated remote code execution (RCE) via CVE-2026-33017
Attribution: unattributed
Technical Details
CVE IDs: CVE-2026-33017
MITRE ATT&CK: T1190, T1059.006, T1053.006, T1070.004, T1222.001
IoCs: 83.142.209.214:80; ipinfo.io
Affected: Langflow (unauthenticated API endpoints); ELF binary 'lambsys' written in Go; XMRig miner
Impact
Confirmed Damage: Monero cryptocurrency mining; termination of competing Kinsing, WatchDog, Rocke, and Outlaw miner processes; lateral movement via SSH key reuse; system log deletion; security control disablement (AppArmor, UFW, iptables, SELinux, NMI watchdog, Aliyun agent)
Mitigation
Detection: Monitor for Python code execution within unauthenticated Langflow API endpoints; detect shell script downloads and 'lambsys' binary execution; identify cron-based persistence mechanisms; monitor SSH key access patterns; detect XMRig miner signatures and beaconing to 83.142.209.214:80
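A detection pass over constructed process, network, cron and file events that applies the indicators in this brief (shell spawned from a Python parent, execution of 'lambsys' or XMRig, beaconing to 83.142.209.214:80, cron persistence, SSH key reads). This is an added example, not code from the brief or from any vendor; the log format, hostnames and file paths are assumed.

```python
from collections import defaultdict

# Indicators taken from the brief: beacon endpoint, dropped Go binary, XMRig miner.
C2_ENDPOINT = "83.142.209.214:80"
SUSPECT_BINARIES = {"lambsys", "xmrig"}
SHELLS = {"sh", "bash", "dash"}

# Constructed sample telemetry (not real logs): "<ts> <host> <event> key=value ...".
SAMPLE_LOG = """\
2026-04-01T10:00:01Z web1 proc user=langflow parent=/usr/bin/python3 exe=/bin/sh
2026-04-01T10:00:02Z web1 proc user=langflow parent=/bin/sh exe=/usr/bin/curl
2026-04-01T10:00:05Z web1 proc user=langflow parent=/bin/sh exe=/tmp/lambsys
2026-04-01T10:00:09Z web1 net exe=/tmp/lambsys dst=83.142.209.214:80
2026-04-01T10:00:12Z web1 cron user=langflow entry=/tmp/lambsys
2026-04-01T10:00:15Z web1 file exe=/tmp/lambsys path=/home/langflow/.ssh/id_rsa op=read
2026-04-01T10:01:00Z db2 proc user=postgres parent=/usr/lib/systemd/systemd exe=/usr/bin/python3
2026-04-01T10:01:01Z db2 net exe=/usr/bin/python3 dst=10.0.0.5:5432
"""

def parse_line(line):
    ts, host, event, *kvs = line.split()
    fields = dict(kv.split("=", 1) for kv in kvs)
    return ts, host, event, fields

def basename(path):
    return path.rsplit("/", 1)[-1]

def classify(event, f):
    """Map one event to a detection rule from the brief; returns a label or None."""
    if event == "proc":
        if basename(f.get("parent", "")).startswith("python") and basename(f["exe"]) in SHELLS:
            return "shell spawned from python (Langflow code execution)"
        if basename(f["exe"]) in SUSPECT_BINARIES:
            return f"execution of suspect binary {basename(f['exe'])}"
    elif event == "net" and f.get("dst") == C2_ENDPOINT:
        return "beacon to known mining endpoint"
    elif event == "cron" and basename(f.get("entry", "")) in SUSPECT_BINARIES:
        return "cron persistence for suspect binary"
    elif event == "file" and "/.ssh/" in f.get("path", "") and basename(f.get("exe", "")) in SUSPECT_BINARIES:
        return "SSH key read by suspect binary"
    return None

def scan(log_text):
    """Return {host: [(ts, finding), ...]} for every host with at least one hit."""
    findings = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, host, event, fields = parse_line(line)
        label = classify(event, fields)
        if label:
            findings[host].append((ts, label))
    return dict(findings)
```

Hosts that accumulate several distinct labels within minutes, as web1 does here, match the full chain the brief describes and should be prioritised over single hits.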
Context
Similar Attacks: Exploitation of exposed Langflow instances; cryptojacking campaigns targeting Kinsing, WatchDog, Rocke, and Outlaw groups; SSH-based lateral movement in cryptocurrency mining operations