Researchers say an attacker used AI assistance to gain full administrative access to an AWS environment in under ten minutes after stealing exposed cloud credentials.

The incident, observed on 28 November by the Sysdig Threat Research Team, began with valid IAM credentials taken from publicly accessible Amazon S3 buckets. Those credentials allowed limited access to AWS Lambda and Amazon Bedrock, enabling rapid automated reconnaissance.

After failing to assume common admin roles, the attacker escalated privileges by modifying the code of an existing Lambda function (a small piece of code that runs automatically in AWS without the customer managing servers) that had an overly permissive execution role. This allowed them to create access keys for a real admin account and compromise 19 AWS identities in total.

The attacker then reportedly accessed sensitive data, invoked multiple Bedrock AI models, and attempted to launch high-cost GPU instances. Hallucinated account IDs and references to non-existent repositories pointed to LLM-generated attack code.

AWS said its services were not breached and that the incident stemmed from customer misconfiguration. Businesses can reduce risk by removing credentials from public storage, enforcing least-privilege IAM and Lambda permissions, restricting Lambda code updates, and enabling logging to detect unauthorised activity quickly.
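As an illustration of the logging recommendation, the following added example (not code from Sysdig, AWS or the original article) correlates CloudTrail management events to flag an access key created by a Lambda execution-role session shortly after that function's code was changed. The 30-minute window, the helper names and all sample records are assumptions constructed for this example.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed correlation window for this example
UPDATE_EVENTS = {"UpdateFunctionCode20150331v2"}  # CloudTrail name for UpdateFunctionCode

def event_time(ev):
    return datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")

def function_name(value):
    # requestParameters.functionName may be a bare name or a full function ARN
    return value.split(":")[6] if value.startswith("arn:") else value

def find_lambda_key_creation(events):
    """Flag CreateAccessKey by a Lambda role session soon after that function's code changed."""
    updated = {}  # function name -> (time of code change, ARN that made it)
    alerts = []
    for ev in sorted(events, key=event_time):
        ident = ev.get("userIdentity") or {}
        params = ev.get("requestParameters") or {}
        if ev["eventName"] in UPDATE_EVENTS:
            updated[function_name(params["functionName"])] = (event_time(ev), ident.get("arn"))
        elif ev["eventName"] == "CreateAccessKey" and ident.get("type") == "AssumedRole":
            # Lambda role sessions are named after the function: ...assumed-role/<role>/<function>
            session = ident.get("arn", "").rsplit("/", 1)[-1]
            hit = updated.get(session)
            if hit and event_time(ev) - hit[0] <= WINDOW:
                alerts.append({"function": session, "code_changed_by": hit[1],
                               "key_created_for": params.get("userName"), "at": ev["eventTime"]})
    return alerts

def make_event(time, name, id_type, arn, **params):
    return {"eventTime": time, "eventName": name,
            "userIdentity": {"type": id_type, "arn": arn}, "requestParameters": params}

# Constructed sample records: account ID, names and times are invented.
ACCT = "111122223333"
SAMPLE = [
    make_event("2025-01-01T10:00:00Z", "UpdateFunctionCode20150331v2", "IAMUser",
               f"arn:aws:iam::{ACCT}:user/example-low-priv", functionName="example-fn"),
    make_event("2025-01-01T10:03:00Z", "CreateAccessKey", "AssumedRole",
               f"arn:aws:sts::{ACCT}:assumed-role/example-exec-role/example-fn", userName="example-admin"),
    make_event("2025-01-01T10:05:00Z", "CreateAccessKey", "IAMUser",
               f"arn:aws:iam::{ACCT}:user/example-ops", userName="example-ops"),
    make_event("2025-01-01T10:06:00Z", "CreateAccessKey", "AssumedRole",
               f"arn:aws:sts::{ACCT}:assumed-role/other-role/other-fn", userName="example-svc"),
]

if __name__ == "__main__":
    print(find_lambda_key_creation(SAMPLE))
```

Only the second sample record is flagged; key creation by a human IAM user, or by a function whose code was not recently changed, is left to other rules.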