AI Accelerates Cloud Attack Timelines
In a groundbreaking incident in November 2025, cybercriminals harnessed artificial intelligence to drastically reduce the time required for cloud attacks. The Sysdig Threat Research Team (TRT) revealed that these threat actors achieved AWS administrative access in under 10 minutes, showcasing the rapid evolution and sophistication of AI-facilitated cyber threats.
The attackers leveraged large language models (LLMs) to perform automated reconnaissance, generate harmful code, and make real-time attack decisions. Their target was an Amazon Web Services (AWS) environment, marking a significant shift in how quickly and efficiently cyber threats can emerge in cloud settings.
Exploiting AWS Credentials
The breach commenced when attackers discovered legitimate AWS credentials in publicly available Simple Storage Service (S3) buckets containing Retrieval-Augmented Generation (RAG) data for AI models. These credentials belonged to an Identity and Access Management (IAM) user with permissions on AWS Lambda and limited access to Amazon Bedrock.
Using a ReadOnlyAccess policy, the attackers conducted extensive reconnaissance across various AWS services, including Secrets Manager, EC2, and CloudWatch. They then manipulated permissions on Lambda to insert malicious code into an existing function, ultimately gaining admin access by creating new access keys.
Advanced Tactics and AI Utilization
Throughout the operation, the attackers demonstrated advanced techniques, likely assisted by AI tools. The code injection into Lambda was marked by comprehensive exception handling and comments in Serbian, hinting at the attackers’ possible origins. Attempts to assume roles in fabricated AWS accounts and references to non-existent repositories further illustrated AI’s role in this attack.
In addition to compromising multiple AWS principals, the attackers created a backdoor user, enabling persistent access. They disabled model invocation logging and initiated ‘LLMjacking’ operations, invoking several AI models within Amazon Bedrock.
Resource Exploitation and Defense Measures
Expanding their exploitation, the attackers provisioned expensive EC2 instances to run deep learning applications, circumventing AWS credentials by installing a JupyterLab server. They used an IP rotation tool to evade detection, showcasing a sophisticated level of evasion tactics.
To mitigate such threats, organizations are urged to enforce the principle of least privilege for IAM users, restrict critical permissions, ensure secure bucket configurations, and enhance logging and monitoring. As AI tools become more advanced, these types of attacks may increase, necessitating robust runtime detection and security measures.
Stay informed on cybersecurity trends by following us on Google News, LinkedIn, and X. Contact us to share your stories.
