Cloud Key Can Feed An Army Of AI Sex Bots

Man

Attackers use stolen data for illegal role-playing games.

In recent months, cybercriminals have increasingly used stolen cloud credentials to launch and sell services using AI chat rooms, many of which lean towards dark role-playing game scenarios, including illegal and immoral topics. A study by Permiso Security found that attackers are actively exploiting vulnerable cloud environments to access artificial intelligence models, such as those on Amazon Web Services (AWS) Bedrock, and using them to run such services.

Experts note an increase in attacks on generative AI infrastructure over the past six months, especially in the case of cloud key leaks through public repositories such as GitHub. The researchers found that the stolen AWS credentials were used to interact with large language models (LLMs) available on the Bedrock platform. In the absence of logs that track actions with default models, the affected companies did not have access to information about how the attackers used these resources.

For a deeper analysis, Permiso intentionally published a test AWS key on GitHub and enabled full logging. The results of the experiment were shocking: a few minutes after the leak, the key was intercepted and used in a service that offers users sexy chats powered by AI. With so-called "jailbreaks", the attackers bypassed content filters, allowing the models to respond on banned topics, resulting in more than 75,000 interactions in two days, almost all of which were related to sexual topics.

Analysis of the data showed that in some cases, these chats went as far as extremely dark and illegal scenarios, such as fantasies of child abuse and sexual exploitation. It is noteworthy that such attacks on cloud services, as the researchers note, not only allow cybercriminals to avoid paying for the computing power they use, but also create huge bills for victims. In one case, the potential cost for the company could be as high as $46,000 per day.

AWS said that it has implemented additional measures to protect Bedrock from such attacks, as well as improved notification systems that warn credential owners when their credentials leak. However, the researchers found that the attackers began to check for enabled logs before using the stolen credentials, which shows how readily cybercriminals adapt to defenses.

Against the backdrop of the scandal that unfolded, some services offering such chats began to curtail their most controversial sections, although the activity around and demand for such illegal services continue to grow.
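
One way a defender could look for the pattern described above, where a key first checks whether logging is enabled and then calls a model, shown as an added example that is not from the article or from Permiso. It assumes CloudTrail records for the Bedrock calls `GetModelInvocationLoggingConfiguration`, `InvokeModel` and `InvokeModelWithResponseStream` are available as parsed JSON; the function names, the 30-minute window and all sample events are constructed for illustration.

```python
from datetime import datetime, timedelta

RECON = "GetModelInvocationLoggingConfiguration"   # reads Bedrock logging settings
INVOKE = {"InvokeModel", "InvokeModelWithResponseStream"}

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def find_recon_then_invoke(events, window=timedelta(minutes=30)):
    """Flag access keys that read the logging config and then invoked a
    model within `window`; returns one finding dict per key."""
    last_recon, findings = {}, {}
    for e in sorted(events, key=lambda e: _ts(e["eventTime"])):
        if e.get("eventSource") != "bedrock.amazonaws.com":
            continue
        key = e.get("userIdentity", {}).get("accessKeyId")
        if not key:
            continue
        when = _ts(e["eventTime"])
        if e["eventName"] == RECON:
            last_recon[key] = when
        elif (e["eventName"] in INVOKE and key in last_recon
              and when - last_recon[key] <= window):
            f = findings.setdefault(key, {
                "access_key": key, "recon_at": last_recon[key],
                "invocations": 0, "source_ips": set()})
            f["invocations"] += 1
            f["source_ips"].add(e.get("sourceIPAddress"))
    return list(findings.values())

def _event(time, name, key, ip):
    # Builds a minimal CloudTrail-shaped record for the constructed sample.
    return {"eventTime": time, "eventSource": "bedrock.amazonaws.com",
            "eventName": name, "sourceIPAddress": ip,
            "userIdentity": {"accessKeyId": key}}

# Constructed sample data: placeholder key IDs, documentation-range IPs.
SAMPLE_EVENTS = [
    _event("2024-01-01T10:00:00Z", "InvokeModel", "AKIAEXAMPLEAPP000001", "198.51.100.10"),
    _event("2024-01-01T10:02:00Z", RECON, "AKIAEXAMPLELEAKED001", "203.0.113.7"),
    _event("2024-01-01T10:03:00Z", "InvokeModel", "AKIAEXAMPLELEAKED001", "203.0.113.7"),
    _event("2024-01-01T10:04:00Z", "InvokeModelWithResponseStream", "AKIAEXAMPLELEAKED001", "203.0.113.8"),
    _event("2024-01-01T08:00:00Z", RECON, "AKIAEXAMPLEADMIN0001", "198.51.100.20"),
    _event("2024-01-01T12:00:00Z", "InvokeModel", "AKIAEXAMPLEADMIN0001", "198.51.100.20"),
]

if __name__ == "__main__":
    for f in find_recon_then_invoke(SAMPLE_EVENTS):
        print(f["access_key"], f["invocations"], sorted(f["source_ips"]))
```

A key that never reads the logging configuration, or that invokes a model only hours after doing so, is not flagged; widening `window` trades fewer misses for more noise from legitimate administrators.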
