Advertisement
Cyber Crime

AI Gateways Face New Threats as Attackers Pivot to Cryptomining

Researchers have identified a new vector where cloud-hosted AI infrastructure is being hijacked for illicit cryptocurrency operations.

·3 hours ago·2 min read
diagram
Photo by Growtika on Unsplash
Advertisement

The integration of artificial intelligence into enterprise workflows has introduced novel vulnerabilities, turning once-innocuous infrastructure into prime targets for threat actors. A recent report highlights how a misconfigured gateway, designed to streamline access to large language models, was quickly converted into a platform for unauthorized resource consumption.

Hijacking the Cloud Infrastructure

The incident centered on an Amazon EC2 instance operating a LiteLLM-Proxy. By serving as an intermediary between applications and Amazon Bedrock, this gateway was granted elevated, centralized permissions, making it a high-value target for adversaries seeking to exploit cloud environments. Because the instance was left vulnerable to SSH connections from the public internet, attackers were able to gain unauthorized entry through what appears to be a brute-force approach.

Once the perimeter was breached, the actors moved to monetize their access. They deployed XMRig, the industry-standard software for mining cryptocurrency. Within a matter of minutes, the compromised instance established persistent, encrypted communication channels with a remote mining pool, signaling the start of a cryptojacking operation that triggered automated security alerts.

Shadows of Credential Misuse

Beyond the immediate resource theft, the attackers appeared to probe further into the target's cloud environment. Suspicious activity was detected originating from an AWS Identity and Access Management user account, which began executing unusual commands. These actions included the enumeration and invocation of foundation models, as well as attempts to establish new administrative accounts.

Darktrace said there was insufficient evidence to conclusively link the IAM activity with the earlier compromise of the AI gateway, but stressed that the behavior could indicate attempted cloud credential misuse.

Investigative efforts linked these secondary activities to IP addresses traced to Vietnam. While a direct correlation between the initial gateway compromise and the IAM manipulation remains unconfirmed, the proximity of these events highlights the risks inherent in cloud-based access control.

Data Points on the Breach

  • The breach originated from an EC2 instance left open to global SSH connections.
  • The attackers utilized XMRig to initiate mining operations within minutes of gaining access.
  • Suspicious IAM activity included efforts to invoke Amazon Bedrock foundation models and create new user accounts.

Securing the AI Perimeter

This incident underscores a shifting reality for organizations deploying AI at scale: centralizing access to AI services via gateways creates a single point of failure that requires rigorous security hardening. When gateway infrastructure is misconfigured, it does not just risk data exposure; it provides attackers with the compute power needed for profitable illicit activities like cryptojacking.

For businesses, the priority must be limiting the blast radius of these gateways. This involves enforcing strict port closures, implementing least-privilege roles for IAM users, and maintaining continuous, active monitoring of the cloud control plane. As AI infrastructure becomes increasingly central to enterprise operations, these gateways will remain a primary target for attackers looking to exploit both computing cycles and privileged identity credentials.

#cloud security#cryptojacking#aws#ai#amazon bedrock
← Back to all stories
Advertisement