Industry Newsllmcloud securityawsbedrock

Cloud Attack Exploits AI To Steal Compute

||By LDS Team
9.2
Relevance Score
Cloud Attack Exploits AI To Steal Compute
Photo: blogger.googleusercontent.com · rights & takedowns

Sysdig Threat Research Team observed an offensive cloud operation that used exposed AWS S3 credentials to gain access and escalate to administrative control in less than 10 minutes. Attackers automated reconnaissance and code generation via LLMs (LLMjacking), injected malicious Lambda code, and abused Amazon Bedrock plus a p4d.24xlarge instance (≈$23,600/month) while installing a persistent JupyterLab backdoor. Sysdig recommends rotating credentials, securing S3, restricting Lambda permissions, and monitoring Bedrock usage.

Key Points

  • 1Automated LLM-driven intrusion used exposed S3 credentials and malicious Lambda injection for rapid access.
  • 2Enabled sub-10-minute admin escalation and lateral movement across 19 principals, facilitating costly compute theft.
  • 3Monitor Bedrock invocations, eliminate long-term keys, restrict Lambda UpdateFunctionCode, and alert on unusual resource usage.

Scoring Rationale

High novelty and urgent mitigations from an authoritative vendor; coverage limited to a single incident and observational source.

Sources

Public references used for this report.

2 sources

Practice with real Logistics & Shipping data

90 SQL & Python problems · 15 industry datasets

250 free problems · No credit card

See all Logistics & Shipping problems