02-14-2025, 12:10 PM
News whoAMI name confusion attacks can expose AWS accounts to malicious code executi
<div id="remove_no_follow">
<div class="grid grid--cols-10@md grid--cols-8@lg article-column">
<div class="col-12 col-10@md col-6@lg col-start-3@lg">
<div class="article-column__content">
<section class="wp-block-bigbite-multi-title"><div class="container"></div></section>
<p>Thousands of active AWS accounts are vulnerable to a cloud image name confusion attack that could allow attackers to execute codes within those accounts.</p>
<p>According to DataDog research, vulnerable patterns exist in the way multiple software projects retrieve Amazon Machine Image (AMIs) IDs to create Amazon elastic compute cloud (EC2) instances.</p>
<p>“The vulnerable pattern allows anyone that publishes an AMI with a specially crafted name to gain code execution within the vulnerable AWS account,” the researchers said in a blog post. “If executed at scale, this attack could be used to gain access to thousands of accounts.”</p>
<h2 class="wp-block-heading"><a></a>The whoAMI attack</h2>
<p>Researchers have demonstrated that the attack vector “whoAMI” can impact many private and open-source code repositories. Over 10,000 AWS accounts are vulnerable to this attack, about 1% of the reported<a href="https://www.sortlist.com/datahub/reports/aws-statistics/"> one million active</a> AWS deployments.</p>
<p>The whoAMI attack is a name confusion exploit, a type of<a href="https://www.csoonline.com/article/561323/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html"> supply chain attack</a> where misconfigured software is tricked into using a malicious resource. Unlike the<a href="https://www.csoonline.com/article/570433/dependency-confusion-explained-another-risk-when-using-open-source-repositories.html"> dependency confusion attacks</a>, which targets software dependency like<a href="https://www.csoonline.com/article/3816397/hackers-impersonate-deepseek-to-distribute-malware.html"> pip packages</a>, whoAMI involves a rogue virtual machine image impersonating a legitimate one.</p>
<p>An AMI is a pre-configured virtual machine template used to launch EC2 instances in AWS. It includes the OS, software, and configurations. Users can specify a known AMI ID or search for the latest public AMIs using the ec2.DescribeImgaes API to find region-specific options.</p>
<p>If the “owners” attribute is omitted when searching for an AMI, the researchers<a href="https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/#discovery-and-disclosure-timeline"> noted</a>, AWS may return results that include public community AMIs from any account. Attackers can exploit this by publishing a malicious AMI with a matching name and newer timestamp, tricking automated infrastructure-as-Code (IaC) tools like Terraform into selecting a compromised image.</p>
<p>Victims are vulnerable only if they use the ec2.DescribeImages API with a name filter, omit the “owners” attribute, and select the most recent AMI, increasing the risk of deploying a compromised instance.</p>
<h2 class="wp-block-heading"><a></a>Amazon fixed the problem</h2>
<p>Through the AWS Vulnerability Disclosure Program (VDP), researchers found that AWS’s own internal non-production systems were vulnerable, potentially allowing attackers to execute code within AWS infrastructure. The issue was<a href="https://docs.aws.amazon.com/codeguru/detector-library/python/untrusted-ami-images/"> disclosed</a> and promptly fixed in September 2024.</p>
<p>A little later on December 1, 2024, AWS introduced<a href="https://aws.amazon.com/about-aws/whats-new/2024/12/amazon-ec2-allowed-amis-enhance-ami-governance/"> Allowed AMIs</a>, a feature that lets users define a trusted allow list for AMI selection, mitigating the whoAMI name confusion attack.</p>
<p>The blog post included a list of queries developers can use to identify risky patterns in their code, along with a link to the open-source tool,<a href="https://github.com/DataDog/whoAMI-scanner"> whoAMI-scanner</a>, for detecting untrusted AMIs in customer environments.</p>
</div></div></div></div>
https://www.csoonline.com/article/382509...ution.html
<div id="remove_no_follow">
<div class="grid grid--cols-10@md grid--cols-8@lg article-column">
<div class="col-12 col-10@md col-6@lg col-start-3@lg">
<div class="article-column__content">
<section class="wp-block-bigbite-multi-title"><div class="container"></div></section>
<p>Thousands of active AWS accounts are vulnerable to a cloud image name confusion attack that could allow attackers to execute codes within those accounts.</p>
<p>According to DataDog research, vulnerable patterns exist in the way multiple software projects retrieve Amazon Machine Image (AMIs) IDs to create Amazon elastic compute cloud (EC2) instances.</p>
<p>“The vulnerable pattern allows anyone that publishes an AMI with a specially crafted name to gain code execution within the vulnerable AWS account,” the researchers said in a blog post. “If executed at scale, this attack could be used to gain access to thousands of accounts.”</p>
<h2 class="wp-block-heading"><a></a>The whoAMI attack</h2>
<p>Researchers have demonstrated that the attack vector “whoAMI” can impact many private and open-source code repositories. Over 10,000 AWS accounts are vulnerable to this attack, about 1% of the reported<a href="https://www.sortlist.com/datahub/reports/aws-statistics/"> one million active</a> AWS deployments.</p>
<p>The whoAMI attack is a name confusion exploit, a type of<a href="https://www.csoonline.com/article/561323/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html"> supply chain attack</a> where misconfigured software is tricked into using a malicious resource. Unlike the<a href="https://www.csoonline.com/article/570433/dependency-confusion-explained-another-risk-when-using-open-source-repositories.html"> dependency confusion attacks</a>, which targets software dependency like<a href="https://www.csoonline.com/article/3816397/hackers-impersonate-deepseek-to-distribute-malware.html"> pip packages</a>, whoAMI involves a rogue virtual machine image impersonating a legitimate one.</p>
<p>An AMI is a pre-configured virtual machine template used to launch EC2 instances in AWS. It includes the OS, software, and configurations. Users can specify a known AMI ID or search for the latest public AMIs using the ec2.DescribeImgaes API to find region-specific options.</p>
<p>If the “owners” attribute is omitted when searching for an AMI, the researchers<a href="https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/#discovery-and-disclosure-timeline"> noted</a>, AWS may return results that include public community AMIs from any account. Attackers can exploit this by publishing a malicious AMI with a matching name and newer timestamp, tricking automated infrastructure-as-Code (IaC) tools like Terraform into selecting a compromised image.</p>
<p>Victims are vulnerable only if they use the ec2.DescribeImages API with a name filter, omit the “owners” attribute, and select the most recent AMI, increasing the risk of deploying a compromised instance.</p>
<h2 class="wp-block-heading"><a></a>Amazon fixed the problem</h2>
<p>Through the AWS Vulnerability Disclosure Program (VDP), researchers found that AWS’s own internal non-production systems were vulnerable, potentially allowing attackers to execute code within AWS infrastructure. The issue was<a href="https://docs.aws.amazon.com/codeguru/detector-library/python/untrusted-ami-images/"> disclosed</a> and promptly fixed in September 2024.</p>
<p>A little later on December 1, 2024, AWS introduced<a href="https://aws.amazon.com/about-aws/whats-new/2024/12/amazon-ec2-allowed-amis-enhance-ami-governance/"> Allowed AMIs</a>, a feature that lets users define a trusted allow list for AMI selection, mitigating the whoAMI name confusion attack.</p>
<p>The blog post included a list of queries developers can use to identify risky patterns in their code, along with a link to the open-source tool,<a href="https://github.com/DataDog/whoAMI-scanner"> whoAMI-scanner</a>, for detecting untrusted AMIs in customer environments.</p>
</div></div></div></div>
https://www.csoonline.com/article/382509...ution.html