cybersecurity

5828 readers

31 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

AWS intruder pulled off AI-assisted cloud break-in in 8 mins (www.theregister.com)

submitted 19 hours ago by cm0002@literature.cafe to c/cybersecurity@infosec.pub

2 comments fedilink hide all child comments

A digital intruder broke into an AWS cloud environment and in just under 10 minutes went from initial access to administrative privileges, thanks to an AI speed assist.

The Sysdig Threat Research Team said they observed the break-in on November 28, and noted it stood out not only for its speed, but also for the "multiple indicators" suggesting the criminals used large language models to automate most phases of the attack, from reconnaissance and privilege escalation to lateral movement, malicious code writing, and LLMjacking - using a compromised cloud account to access cloud-hosted LLMs.

"The threat actor achieved administrative privileges in under 10 minutes, compromised 19 distinct AWS principals, and abused both Bedrock models and GPU compute resources," Sysdig's threat research director Michael Clark and researcher Alessandro Brucato said in a blog post about the cloud intrusion. "The LLM-generated code with Serbian comments, hallucinated AWS account IDs, and non-existent GitHub repository references all point to AI-assisted offensive operations."

top 2 comments

sorted by: hot top controversial new old

[–] user28282912@piefed.social 10 points 18 hours ago (1 children)

If your operation can be hacked by Clippy on Acid then it was not exactly Fort Knox to begin with.

[–] cm0002@literature.cafe 4 points 18 hours ago

Clippy on Acid

Bro. That would fuckin awesome lmfao and way to cool for an LLM lol