In September 2024, threat actors conducted a campaign exploiting exposed AWS access keys to hijack AWS Bedrock services for operating illicit AI-powered roleplay chatbots. The attackers leverage compromised long-lived credentials (AKIA keys) discovered primarily through GitHub...

In September 2024, threat actors conducted a campaign exploiting exposed AWS access keys to hijack AWS Bedrock services for operating illicit AI-powered roleplay chatbots. The attackers leverage compromised long-lived credentials (AKIA keys) discovered primarily through GitHub...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/llmjacking-for-roleplaying-campaign