I
Agentic Intelligence · Infomly

Your AI gateway just became the highest-value target in your cloud

AI-Assisted Content — Produced with AI assistance and human editorial review. Learn more
Darktrace just caught an attacker hijacking an Amazon Bedrock-connected AI gateway for cryptomining.

The real story isn't the miner. It's what the attacker could have done.

The compromised system was a LiteLLM proxy — an AI gateway sitting at the intersection of cloud infrastructure, identity, and model access.

It had SSH exposed to the entire internet on port 22.

Brute-force attempts followed. Then XMRig was downloaded. Then repeated connections to a mining pool over HTTPS port 443.

But here's what should keep CISOs up tonight: the same gateway held IAM permissions to Amazon Bedrock.

The attacker could have accessed sensitive prompts, model outputs, API keys, cloud credentials, or proprietary knowledge bases connected through RAG.

A day later, separate suspicious IAM activity appeared: GetSendQuota calls from a Vietnam IP, failed InvokeModel and ListFoundationModels attempts, and a CreateUser command with a randomly generated username — classic persistence behavior.

"AI gateways concentrate credentials, cloud permissions, and model access into a single choke point, so a routine intrusion lands on a privileged asset," said Sean Malone, CISO at BeyondTrust.

Your AI infrastructure is not a separate technology stack. It runs in the cloud. It holds cloud credentials. It fails the way cloud assets have always failed.

Audit your AI gateways today. Close public SSH. Scope IAM permissions to minimum necessary. Monitor model access patterns. Treat every AI gateway as a control point for AI operations — because that's exactly what attackers see.

SOURCE: https://www.darktrace.com/blog/when-ai-infrastructure-becomes-part-of-the-attack-surface
VERIFIED: Darktrace blog (primary), SiliconANGLE, CSO Online, Dark Reading
SIGNAL: AI gateways are becoming the new crown jewels for attackers — they centralize model access, cloud permissions, and identity in one asset. Every enterprise deploying Bedrock or similar services needs to reassess their AI infrastructure exposure immediately.
💬 Consultation · Got questions? Talk to an expert →
Enterprise AI Impact — filtered for signal, not noise The AI briefing CTOs read before their morning meeting 3 minutes. Zero fluff. Only what moves the needle. $5/mo — your cheapest competitive edge
Subscribe — $5/mo

0 Comments

No comments yet. Be the first.