Channel: iTWire - Business IT - Networking, Open Source, Security & Tech News

Datadog identifies whoAMI attack; 4% of orgs vulnerable


Datadog’s Security Labs team recently identified the whoAMI attack, a vulnerability involving AWS’s Amazon Machine Images (AMIs) that could be used to gain access to thousands of accounts if executed at scale, and estimated that 4% of organisations are vulnerable.

In response, the company has also released an open source project that detects the use of untrusted AMIs.

Key facts:

  • In August 2024, Datadog Security Labs identified a pattern in the way multiple software projects were retrieving AMIs for the purpose of creating EC2 instances, and discovered a way that attackers could exploit it.
  • whoAMI is an instance of a name confusion attack, which is a subset of a supply chain attack, and shares similarities with a dependency confusion attack.
  • This vulnerable pattern would allow anyone who publishes an AMI with a specially crafted name to gain code execution within the vulnerable AWS account. Successful attackers could have ensured anyone using the tool would deploy a malicious AMI rather than the intended one.
  • Working with AWS, Datadog was able to confirm that internal non-production systems within AWS itself were vulnerable to this attack, which would have allowed an attacker to execute code in the context of internal AWS systems.
  • While this misconfiguration falls on the customer side of the shared responsibility model, on December 1st, 2024, AWS announced "Allowed AMIs", a defence-in-depth control that allows users to whitelist which AWS accounts should be trusted as AMI providers. If enabled and configured, this would thwart the whoAMI attack.
  • Datadog has included queries that companies can use to find the vulnerable pattern in their code.
  • Datadog has also released a new open source project, whoAMI-scanner, that can detect the use of untrusted AMIs in an environment.
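
The kind of check the last two points describe, as an added example (not Datadog's whoAMI-scanner code and not part of the original article): it audits which instances run AMIs whose owner is outside a trusted-provider allowlist. The allowlist, account IDs, AMI IDs and instance IDs are constructed sample data; the field names follow the EC2 DescribeImages and DescribeInstances output shape.

```python
# Added example: flag instances whose AMI owner is not a trusted provider.
# Every ID below is constructed sample data, not taken from the article.

# Hypothetical allowlist: an owner alias plus the organisation's own account.
TRUSTED_OWNERS = {"amazon", "111111111111"}

# Records shaped like EC2 DescribeImages results (constructed).
IMAGES = [
    {"ImageId": "ami-0aaa", "OwnerId": "222222222222",
     "ImageOwnerAlias": "amazon", "Name": "base-linux-2024.08"},
    {"ImageId": "ami-0bbb", "OwnerId": "999999999999",
     "Name": "base-linux-2024.09"},          # public AMI from an unknown account
    {"ImageId": "ami-0ccc", "OwnerId": "111111111111",
     "Name": "internal-golden-7"},
]

# Records shaped like EC2 DescribeInstances results (constructed).
INSTANCES = [
    {"InstanceId": "i-01", "ImageId": "ami-0aaa"},
    {"InstanceId": "i-02", "ImageId": "ami-0bbb"},
    {"InstanceId": "i-03", "ImageId": "ami-0ccc"},
    {"InstanceId": "i-04", "ImageId": "ami-0ddd"},  # AMI no longer resolvable
]


def classify_image(image, trusted_owners):
    """Return 'trusted', 'untrusted', or 'unknown' for one image record."""
    if image is None:
        # Deregistered or private AMI: the owner cannot be verified.
        return "unknown"
    if image.get("ImageOwnerAlias") in trusted_owners:
        return "trusted"
    if image.get("OwnerId") in trusted_owners:
        return "trusted"
    return "untrusted"


def audit_instances(instances, images, trusted_owners):
    """List every instance whose AMI is not from a trusted owner."""
    by_id = {img["ImageId"]: img for img in images}
    findings = []
    for inst in instances:
        image = by_id.get(inst["ImageId"])
        verdict = classify_image(image, trusted_owners)
        if verdict != "trusted":
            findings.append({
                "InstanceId": inst["InstanceId"],
                "ImageId": inst["ImageId"],
                "OwnerId": image["OwnerId"] if image else None,
                "Verdict": verdict,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_instances(INSTANCES, IMAGES, TRUSTED_OWNERS):
        print(finding)
```
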

For further information and recommendations, please see this blog from the Security Labs team: whoAMI: A cloud image name confusion attack

