LLMjacking Evolved: Attackers Are Using Stolen AI Compute to Build Offensive Agentic Tools
Sysdig, Wednesday, June 17th, 2026
Attackers are weaponizing exposed AI model servers to power autonomous hacking frameworks.
Sysdig's threat research team discovered a threat actor using an unsecured Ollama model server as the reasoning engine for an automated multi-stage exploitation tool dubbed VAPT. The tool orchestrates reconnaissance, vulnerability matching, proof-of-concept generation, and privilege escalation through structured prompts.
The finding marks the convergence of AI compute theft (LLMjacking) with autonomous offensive capabilities. It shows how the proliferation of unauthenticated self-hosted model infrastructure gives attackers an economic incentive to build sophisticated AI-powered attack systems without bearing the compute costs.