嗯,用户让我帮忙总结一篇文章,控制在一百个字以内,而且不需要特定的开头。首先,我需要仔细阅读文章内容,抓住主要信息。 文章讲的是从2026年3月10日开始,DShield传感器检测到针对多个AI模型的探测活动,比如Claude、OpenClaw和HuggingFace。这些探测来自一个特定的IP地址81.168.83.103,该IP自2026年1月29日起就开始扫描,并且还在继续。扫描不仅针对AI相关端点,还涉及与网络内容相关的端口。 接下来,用户提供了ES|QL查询和一些指标,包括具体的URL路径和IP信息。这些细节显示了攻击者试图获取AI模型的配置文件和敏感数据。 总结的时候,我需要涵盖时间范围、探测的目标、来源IP以及扫描的持续性。同时,要简洁明了,不超过一百个字。 可能会这样组织:从2026年3月10日开始,某个IP持续探测多个AI模型,并且还扫描了其他网络端口。这样既涵盖了时间、目标、来源和行为。 最后检查一下字数是否符合要求,并确保没有使用任何特定的开头词。 </think> 自2026年3月10日起,DShield传感器检测到针对Claude、OpenClaw、HuggingFace等AI模型的探测活动。这些活动来自IP地址81.168.83.103,并持续至今。该IP还扫描了与网络内容相关的端口。 2026-4-15 00:19:53 Author: isc.sans.edu(查看原文) 阅读量:15 收藏
Starting March 10, 2026, my DShield sensor started getting probe for various AI models such as claude, openclaw, huggingface, etc. Reviewing the data already reported by other DShield sensors to ISC, the DShield database shows reporting of these probes started that day and has been active ever since.
Based on what we currently have reported, it appears the only source scanning for these models is IP 81.168.83.103. However, my sensor has been actively scanned by this source since January 29, 2026 and is still ongoing today. Beside the AI probe, it has been scanning various ports that are often associated with web content.
Reviewing the scanning activity from this host, it appears this source is the only IP we see reported to DShield performing this activity.
ES|QL Query [1]
Using this ES|QL query in Kibana discover, it lists all the URL the actor is looking for. I recorded 52 queries between March 10 to April 13, 2026 where April 3rd, 2026 received the most activity.
FROM cowrie*
| WHERE event.reference == "no match"
| WHERE http.request.body.content IS NOT NULL
| KEEP @timestamp, http.request.body.content
| WHERE http.request.body.content LIKE "*openclaw*" OR http.request.body.content LIKE "*claude*" OR http.request.body.content LIKE "*huggingface*" OR http.request.body.content LIKE "*openai*" OR http.request.body.content LIKE "*clawdbot*"
| SORT @timestamp DESC
| STATS Total=COUNT(http.request.body.content) BY AI_Scan_Activity=BUCKET(@timestamp, 50, ?_tstart, ?_tend)
This graph shows the start of activity searching for clawbot/moltbot first reported March 10, 2026 ever since then.
Indicators
81.168.83.103 (AS 20860)
/.openclaw/workspace/db.sqlite
/.openclaw/workspace/chroma.db
/.openclaw/secrets.json
/.clawdbot/moltbot.json
/.claude/settings.json
/.claude/.credentials.json
/.cache/huggingface/token
/openai/env.json
/openai/credentials.json
[1] https://www.elastic.co/guide/en/elasticsearch/reference/8.19/esql-functions-operators.html
[2] https://isc.sans.edu/weblogs/urlhistory.html?url=Ly5jYWNoZS9odWdnaW5nZmFjZS90b2tlbg== (/.cache/huggingface/token)
[3] https://isc.sans.edu/weblogs/urlhistory.html?url=Ly5jbGF3ZGJvdC9tb2x0Ym90Lmpzb24= (/.clawdbot/moltbot.json)
[4] https://isc.sans.edu/weblogs/urlhistory.html?url=Ly5vcGVuY2xhdy9zZWNyZXRzLmpzb24= (/.openclaw/secrets.json)
[5] https://www.ox.security/blog/one-step-away-from-a-massive-data-breach-what-we-found-inside-moltbot/
[6] https://www.virustotal.com/gui/ip-address/81.168.83.103
[7] https://www.shodan.io/host/81.168.83.103 (Linux system)
-----------
Guy Bruneau IPSS Inc.
My GitHub Page
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu
如有侵权请联系:admin#unsafe.sh