Exposed AWS Credentials Lead to AI-Assisted Cloud Breach in 8 Minutes

On 28 November 2025, Sysdig researchers observed an attacker gain full administrative control of a company’s AWS cloud environment in just eight minutes after finding exposed test credentials in a public S3 bucket. The breach combined Lambda code injection and privilege escalation into a ‘frick’ account, with indicators of LLM-assisted automation and LLMjacking used to run expensive models and attempt to spin up a costly GPU instance.

Key points

  • Exposed test credentials in a public S3 bucket allowed the attacker initial access.
  • With ReadOnlyAccess the intruder rapidly enumerated Secrets Manager, RDS, CloudWatch and other resources.
  • Code injection into Lambda and repeated edits to an EC2-init function enabled escalation into the ‘frick’ administrative account.
  • Sysdig found strong indicators of LLM-assisted automation, including Serbian comments and hallucinated AWS IDs, and LLMjacking to run Claude 3.5 Sonnet, DeepSeek R1 and Amazon Titan.
  • Mitigations include removing public keys, using IAM roles, monitoring for massive enumeration, and enforcing strict identity and privilege boundaries for automated accounts.
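
The enumeration-monitoring mitigation listed above, as an added sketch (not Sysdig's detection logic and not from the original article): it flags any principal whose List/Describe/Get calls fan out across several services within a short window. The window, thresholds, ARNs and sample records are constructed assumptions; the field names follow the CloudTrail record format.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=8)   # assumption: mirrors the eight-minute timeline
MIN_SERVICES = 3                # assumption: tune per environment
MIN_CALLS = 6                   # assumption: tune per environment
READ_PREFIXES = ("List", "Describe", "Get")  # heuristic for read-only API calls

def parse_time(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")  # CloudTrail eventTime, UTC

def find_enumeration_bursts(events):
    """Return {principal_arn: eventTime of first alert} for principals whose
    read-only calls reach MIN_CALLS across MIN_SERVICES services within WINDOW."""
    windows = defaultdict(deque)
    alerts = {}
    for ev in sorted(events, key=lambda e: e["eventTime"]):
        if not ev["eventName"].startswith(READ_PREFIXES):
            continue  # writes such as UpdateFunctionCode need their own rule
        arn = ev["userIdentity"]["arn"]
        now = parse_time(ev["eventTime"])
        win = windows[arn]
        win.append((now, ev["eventSource"]))
        while now - win[0][0] > WINDOW:  # drop calls older than the window
            win.popleft()
        services = {src for _, src in win}
        if arn not in alerts and len(win) >= MIN_CALLS and len(services) >= MIN_SERVICES:
            alerts[arn] = ev["eventTime"]
    return alerts

def _ev(ts, source, name, arn):
    return {"eventTime": ts, "eventSource": source, "eventName": name,
            "userIdentity": {"arn": arn}}

# Constructed sample records (not taken from the incident).
NOISY = "arn:aws:iam::111122223333:user/example-test-user"
QUIET = "arn:aws:iam::111122223333:role/example-ci-role"
SAMPLE = [
    _ev("2025-01-15T10:00:05Z", "secretsmanager.amazonaws.com", "ListSecrets", NOISY),
    _ev("2025-01-15T10:00:09Z", "rds.amazonaws.com", "DescribeDBInstances", NOISY),
    _ev("2025-01-15T10:00:14Z", "monitoring.amazonaws.com", "DescribeAlarms", NOISY),
    _ev("2025-01-15T10:00:20Z", "lambda.amazonaws.com", "ListFunctions", NOISY),
    _ev("2025-01-15T10:00:26Z", "iam.amazonaws.com", "ListUsers", NOISY),
    _ev("2025-01-15T10:00:31Z", "ec2.amazonaws.com", "DescribeInstances", NOISY),
    _ev("2025-01-15T10:01:00Z", "s3.amazonaws.com", "ListBuckets", QUIET),
]

if __name__ == "__main__":
    print(find_enumeration_bursts(SAMPLE))
```

Baseline the thresholds against legitimate inventory and audit tooling first, since those principals also make broad read-only sweeps.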

Read More: https://hackread.com/8-minute-takeover-ai-hijack-cloud-access/