By Sead Fadilpašić
Publication Date: 2026-01-30 17:35:00
- 175,000 Ollama systems misconfigured and exposed to the public without authentication
- Attackers exploit instances via LLMjacking to generate spam and malware content
- The issue is due to user misconfiguration and can only be resolved by binding to localhost
Security researchers have claimed that around 175,000 Ollama systems are exposed worldwide, putting them at risk of all sorts of malicious activities. In fact, some are already being abused, and if you are running an Ollama instance, you should think about reconfiguring it.
Recently, SentinelOne SentinelLABS and Censys discovered that many companies are running AI models locally using Ollama (by default, the AI only listens to the computer it is running on, not the internet).
However, in around 175,000 cases these are configured to listen on all network interfaces and not just localhost, making the AI publicly accessible to anyone on the internet without a password.
LLMjacking
Many of these instances run over home connections,…