Keypoints
- AWS updated AWSCompromisedKeyQuarantine (v2 and v3) to include new restricted actions to limit misuse of compromised access keys.
- The quarantine policy is applied to keys AWS suspects are compromised (for example, keys found in public GitHub repos) to lock down dangerous API calls.
- The MAMIP project detected the policy change on October 2, 2024, identifying roughly 29 newly restricted actions.
- Five AWS Bedrock API calls were added to prevent abuse of hosted LLMs (LLMjacking-style attacks).
- Actions for lesser-known services abused for cryptomining (Amplify, CodeBuild, SageMaker, and ECS) were included to disrupt operations like AMBERSQUID.
- SES-related actions used for spam/phishing were also addressed to prevent credential-driven email abuse.
- These restrictions only apply when the quarantine policy is attached to an access key; ongoing credential protection and monitoring remain necessary.
MITRE Techniques
- [T1003] Credential Dumping – Describes attackers using stolen credentials to access AWS services. ‘Attackers may use compromised credentials to access AWS services.’
- [T1210] Exploitation of Remote Services – Attackers exploit AWS services (ECS, SES, etc.) for malicious activities. ‘Attackers exploit AWS services like ECS and SES for malicious purposes.’
- [T1496] Resource Hijacking – Compromised AWS services are used for cryptomining and resource abuse. ‘Cryptomining operations using compromised AWS services.’
Indicators of Compromise
- [Domain] Policy and documentation references – docs.aws.amazon.com (AWS policy doc), github.com/zoph-io/MAMIP (MAMIP repository)
- [URLs] Report and blog sources – https://sysdig.com/blog/aws-launches-improvements-for-key-quarantine-policy/, https://sysdig.com/blog/llmjacking-stolen-cloud-credentials-used-in-new-ai-attack/
AWS expanded the technical scope of its AWSCompromisedKeyQuarantine managed policies (v2 and v3) to block additional API actions commonly abused with stolen access keys. The service now prevents roughly 29 more actions from being executed by keys that have the quarantine attached; AWS can auto-apply this quarantine when keys are detected in public GitHub repositories or otherwise flagged as compromised.
The newly restricted actions target specific abuse patterns: five Bedrock API calls were added to curb LLM abuse (costly hosted model usage), and multiple calls across Amplify, CodeBuild, SageMaker, and ECS were blocked to disrupt rapid cryptomining deployments like AMBERSQUID. SES and other email-related actions were also restricted to prevent sending spam/phishing via compromised credentials. MAMIP monitored and reported these policy changes on October 2, 2024.
Operationally, the quarantine enforces a limited, curated deny-list of actions; it only takes effect for access keys that AWS identifies and attaches the quarantine to. Therefore, organizations should not rely solely on this automated protection: continue to scan for exposed keys, monitor usage patterns, rotate credentials, and apply principle-of-least-privilege policies to reduce the window of abuse.
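As an added example (not code from the Sysdig post, AWS, or the MAMIP project), the following Python turns the two preceding paragraphs into a detection: it flags the CloudTrail event in which a quarantine policy (V2 or V3) is attached to the IAM user that owns an exposed key, and then surfaces any AccessDenied calls that user makes afterwards, which is the evidence that the key is still being used against the deny-list. The CloudTrail records, user names and timestamps are constructed sample data; `InvokeModel` on Bedrock is used as an assumed example of a denied action, since the summary counts five Bedrock calls but does not name them. The managed-policy ARN prefix is the real one for the V2/V3 policies. `is_quarantined` is meant to be fed the `PolicyArn` values from an IAM `ListAttachedUserPolicies` response when you inventory already-quarantined users.

```python
"""Added example: spotting AWSCompromisedKeyQuarantine (V2/V3) in CloudTrail
and in a user's attached policies. Not the post's or AWS's own code.

Two signals a defender wants once the quarantine is attached:
  1. the attachment itself (an AttachUserPolicy event naming the managed
     policy), meaning AWS believes a key of that user is exposed and the
     credential must be rotated; and
  2. AccessDenied errors from that user afterwards, showing the key is still
     being used against actions the quarantine now denies.
All records below are constructed sample data, not real logs.
"""
from datetime import datetime

# Real managed-policy ARN prefix shared by the V2 and V3 quarantine policies.
QUARANTINE_ARN_PREFIX = "arn:aws:iam::aws:policy/AWSCompromisedKeyQuarantine"

# Constructed CloudTrail-style records (a subset of the real record fields).
# User names and timestamps are placeholders.
SAMPLE_EVENTS = [
    {   # normal use of the key before it was quarantined
        "eventTime": "2024-10-02T09:30:00Z", "eventSource": "s3.amazonaws.com",
        "eventName": "GetObject",
        "userIdentity": {"type": "IAMUser", "userName": "ci-deploy"},
    },
    {   # the quarantine policy is attached to the user that owns the exposed key
        "eventTime": "2024-10-02T10:00:00Z", "eventSource": "iam.amazonaws.com",
        "eventName": "AttachUserPolicy",
        "userIdentity": {"type": "IAMUser", "userName": "security-admin"},
        "requestParameters": {
            "userName": "ci-deploy",
            "policyArn": QUARANTINE_ARN_PREFIX + "V3",
        },
    },
    {   # someone keeps using the key; the quarantine denies the call
        "eventTime": "2024-10-02T10:07:00Z", "eventSource": "bedrock.amazonaws.com",
        "eventName": "InvokeModel",  # assumed example of a denied action
        "userIdentity": {"type": "IAMUser", "userName": "ci-deploy"},
        "errorCode": "AccessDenied",
    },
    {   # a denial for a user that is not quarantined is a different signal
        "eventTime": "2024-10-02T10:09:00Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "RunInstances",
        "userIdentity": {"type": "IAMUser", "userName": "intern"},
        "errorCode": "AccessDenied",
    },
]

TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"  # CloudTrail eventTime is UTC with a Z suffix


def _ts(event):
    """Parse the record's eventTime into a datetime."""
    return datetime.strptime(event["eventTime"], TIME_FMT)


def is_quarantined(attached_policy_arns):
    """True if any ARN is a quarantine policy (V2 or V3).

    Feed it the PolicyArn values of an IAM ListAttachedUserPolicies response
    to find users that are already quarantined.
    """
    return any(arn.startswith(QUARANTINE_ARN_PREFIX) for arn in attached_policy_arns)


def find_quarantine_attachments(events):
    """Map user name -> earliest time a quarantine policy was attached to it."""
    attached = {}
    for ev in events:
        if ev.get("eventName") != "AttachUserPolicy":
            continue
        params = ev.get("requestParameters", {})
        if is_quarantined([params.get("policyArn", "")]):
            user = params["userName"]
            if user not in attached or _ts(ev) < attached[user]:
                attached[user] = _ts(ev)
    return attached


def find_post_quarantine_denials(events, attached):
    """(user, eventSource, eventName, eventTime) for every AccessDenied call a
    quarantined user made at or after the moment the policy was attached."""
    hits = []
    for ev in events:
        user = ev.get("userIdentity", {}).get("userName")
        if (user in attached and ev.get("errorCode") == "AccessDenied"
                and _ts(ev) >= attached[user]):
            hits.append((user, ev["eventSource"], ev["eventName"], ev["eventTime"]))
    return hits


def analyze(events):
    """Run both detections; the result is what you would raise as an alert
    (rotate the key, then investigate who is still trying to use it)."""
    attached = find_quarantine_attachments(events)
    return {
        "quarantined_users": {u: t.strftime(TIME_FMT) for u, t in attached.items()},
        "denied_after_quarantine": find_post_quarantine_denials(events, attached),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(analyze(SAMPLE_EVENTS), indent=2))
```

The attachment event is the one to alert on and act on (rotate the key, remove it from wherever it leaked) regardless of whether denials follow; the denial list is triage context that tells you the leaked key is in active use and which services the holder was after.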
Read more: https://sysdig.com/blog/aws-launches-improvements-for-key-quarantine-policy/