Novel LLMjacking Attacks Target Cloud-Based AI Models

Enterprise organizations aren't alone in embracing generative AI. Cybercriminals are doing so, too.
They're using GenAI to shape their attacks, from creating more convincing phishing emails and spreading disinformation to model poisoning, prompt injection and deepfakes.
Threat researchers with cybersecurity firm Sysdig recently detected bad actors using stolen credentials to target large language models, with the eventual goal of selling the access to other hackers.
LLMs are foundational to the myriad generative tools coming onto the market since OpenAI launched ChatGPT 18 months ago.
According to Alessandro Brucato, senior threat research engineer at Sysdig, access to the compromised LLM accounts could be used for a number of reasons, such as to steal money or LLM training data.
The stolen cloud credentials were obtained through a vulnerable version of Laravel, a free and open source PHP-based web framework for creating web applications.
The stolen credentials could be used to target 10 cloud-hosted LLM services.
Threat actors used tools to generate requests that could target models during the attacks.
Sysdig researchers also found a script that could check credentials against the 10 AI services to see which were useful to the attackers.
The services are designed to give developers easy access to LLMs. They have simple user interfaces that let developers start building applications quickly.
For a cloud vendor to run a model on behalf of an account, the model needs to be submitted for approval.
The process for interacting with the hosted language models is also simple, using command-line interface commands.
The Sysdig researchers also discovered that a reverse proxy for LLMs was being used to provide access to the compromised accounts.
The checking code used by the bad actors to verify whether credentials can be used to target particular LLMs also references the OAI Reverse Proxy open source project.
Once in the cloud environment, the hackers subtly poked around to see what they could do while not triggering warnings.
They also worked to see how the service was configured.
Use of the compromised accounts at this point could cost the victim more than $46,000 per day.
There are a number of ways to prevent such an attack, including using strong vulnerability management to prevent initial access and secrets management to ensure credentials are not stored in ways that allow them to be easily stolen.
Organizations also can use cloud security posture management or cloud infrastructure entitlement management tools to make sure cloud accounts have the fewest number of permissions needed.
Such protections will be needed, according to Brucato.
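The prevention advice above is about keeping credentials out of attackers' hands; the behaviours the article describes (a script checking one credential against many models, a credential that has never called a model suddenly doing so, and an intruder reading the service's logging configuration before invoking models) are also visible in cloud audit logs. The following Python is an added example, not code from the article or from Sysdig, showing how a defender could flag those three patterns. The log line format, the action names (`InvokeModel`, `ListModels`, `GetLoggingConfig`), the principal names and the events themselves are all constructed for this example and do not correspond to any particular provider's API.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample audit events (not real logs). One call per line:
# timestamp, principal, action, model ("-" when the call has no model).
# "svc-app" is a legitimate workload; "deploy-user" plays a leaked credential
# being run through a credential-checking script that probes many models after
# first looking at how logging is configured.
SAMPLE_EVENTS = [
    "2024-05-13T10:00:01Z svc-app     InvokeModel      model-a",
    "2024-05-13T10:00:05Z svc-app     InvokeModel      model-a",
    "2024-05-13T10:02:00Z deploy-user ListModels       -",
    "2024-05-13T10:02:01Z deploy-user GetLoggingConfig -",
    "2024-05-13T10:02:02Z deploy-user InvokeModel      model-a",
    "2024-05-13T10:02:03Z deploy-user InvokeModel      model-b",
    "2024-05-13T10:02:03Z deploy-user InvokeModel      model-c",
    "2024-05-13T10:02:04Z deploy-user InvokeModel      model-d",
    "2024-05-13T10:02:05Z deploy-user InvokeModel      model-e",
    "2024-05-13T10:02:06Z deploy-user InvokeModel      model-f",
]

# Constructed placeholder action names for calls that read or change the
# service's logging configuration.
CONFIG_ACTIONS = {"GetLoggingConfig", "PutLoggingConfig", "DeleteLoggingConfig"}

# Constructed baseline: principals that are expected to invoke models at all.
KNOWN_INVOKERS = {"svc-app"}


def parse_event(line):
    """Split one constructed log line into a dict with an aware UTC timestamp."""
    ts, principal, action, model = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "principal": principal,
        "action": action,
        "model": None if model == "-" else model,
    }


def model_sweeps(events, window=timedelta(seconds=60), min_models=4):
    """Principals that invoke at least `min_models` distinct models within `window`.

    A credential-checking script tries every model it knows about in quick
    succession; a real workload normally sticks to one or two models.
    """
    by_principal = defaultdict(list)
    for e in events:
        if e["action"] == "InvokeModel" and e["model"]:
            by_principal[e["principal"]].append(e)
    flagged = {}
    for principal, calls in by_principal.items():
        calls.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(calls)):
            # Advance `start` until calls[start..end] all fall inside the window.
            while calls[end]["ts"] - calls[start]["ts"] > window:
                start += 1
            models = {c["model"] for c in calls[start:end + 1]}
            if len(models) >= min_models:
                flagged[principal] = sorted(models)
                break
    return flagged


def unexpected_invokers(events, known=KNOWN_INVOKERS):
    """Principals invoking models that are not on the expected-invoker baseline."""
    return sorted({e["principal"] for e in events
                   if e["action"] == "InvokeModel" and e["principal"] not in known})


def config_then_invoke(events):
    """Principals that touched logging configuration and then invoked a model."""
    seen_config, flagged = set(), set()
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["action"] in CONFIG_ACTIONS:
            seen_config.add(e["principal"])
        elif e["action"] == "InvokeModel" and e["principal"] in seen_config:
            flagged.add(e["principal"])
    return sorted(flagged)


def detect(lines, known=KNOWN_INVOKERS):
    """Run all three rules over raw log lines and return the findings per rule."""
    events = [parse_event(line) for line in lines]
    return {
        "model_sweeps": model_sweeps(events),
        "unexpected_invokers": unexpected_invokers(events, known),
        "config_then_invoke": config_then_invoke(events),
    }


if __name__ == "__main__":
    for rule, hits in detect(SAMPLE_EVENTS).items():
        print(f"{rule}: {hits}")
```

On the constructed sample, all three rules flag `deploy-user` and none flag `svc-app`. The baseline of expected invokers is the piece that needs real data: in practice it would be built from a few weeks of the account's own history rather than hard-coded, and the sweep threshold tuned to how many models the organization's workloads genuinely use.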


This Cyber News was published on securityboulevard.com. Publication date: Mon, 13 May 2024 18:43:06 +0000

