Darktrace finds AI gateway with Amazon Bedrock access hijacked for cryptomining

Researchers at U.K.-based cybersecurity company Darktrace Holdings Ltd. today detailed a cloud intrusion in which a compromised artificial intelligence gateway tied to Amazon Web Services Inc.’s Amazon Bedrock was hijacked to mine cryptocurrency.

The compromised system was an Amazon Elastic Compute Cloud instance named “LiteLLM-Proxy” that ran the open-source LiteLLM software and carried an instance profile with access to Amazon Bedrock. In other words, it functioned as a gateway to hosted AI models while holding privileged cloud permissions.

That combination is what makes the case worth attention: The abuse itself was ordinary, but it landed on an asset sitting at the junction of cloud infrastructure, identity and AI services.

Darktrace observed activity consistent with active cryptomining from the instance on June 12. Its Enhanced Monitoring and Managed Threat Detection services caught the traffic and the company’s security operations center escalated it to the customer. The instance was shut down.