whoAMI Attack: A Name Confusion Tactic Targeting AWS Environments

A Threat to Cloud Security

Cybersecurity researchers have uncovered a name confusion technique dubbed the whoAMI attack, which enables individuals to manipulate Amazon Web Services (AWS) environments by publishing deceptive Amazon Machine Images (AMIs). This method could allow attackers to execute code within AWS accounts under specific conditions, raising concerns about cloud security misconfigurations.

How the whoAMI Attack Operates

At its core, the whoAMI attack is a form of supply chain manipulation where a misleading resource is used to replace a legitimate one. The attack takes advantage of the way AMIs—virtual machine images used for launching AWS Elastic Compute Cloud (EC2) instances—are retrieved from the AWS Community AMI catalog.

The exploit works when software scripts or automation tools search for an AMI by name but fail to specify critical parameters such as the owner or owner ID. In such cases, the AWS API may return multiple AMIs with matching names, including those uploaded by unknown entities. If the search logic is configured to select the most recent image from the list, an attacker could publish a deceptive AMI with an identical name, increasing the likelihood that it will be chosen instead of a trusted one.

The Consequences of Misconfigured AMI Selection

Once an attacker’s AMI is deployed within a target’s AWS environment, it provides an opportunity for remote code execution (RCE). This means that the individual behind the attack could gain access to the instance and carry out further malicious activities, such as:

• Deploying unauthorized software
• Extracting sensitive data
• Modifying system settings
• Establishing persistent access for long-term control

Since AWS environments are widely used for hosting applications, databases, and corporate infrastructure, a successful exploitation could have significant implications for businesses relying on cloud services.

A Paralleling Supply Chain Vulnerability

The whoAMI attack shares similarities with dependency confusion techniques seen in software development. In a dependency confusion attack, an attacker publishes a package with the same name as an internal software dependency, tricking build systems into downloading the counterfeit package. Similarly, in the case of whoAMI, the attacker replaces a trusted AMI with a lookalike, allowing them to introduce unauthorized changes within cloud-hosted systems.

Detection and Response Efforts

Security analysts investigating the issue found that a small percentage of organizations using AWS were impacted by this attack pattern. The issue was reported to AWS in mid-September 2024, and AWS addressed it within days. AWS has stated that no evidence suggests this technique has been exploited outside of authorized security research efforts.

In response to the discovery, AWS has introduced a new security feature called Allowed AMIs. This setting allows users to define which AMIs can be used within their accounts, reducing the risk of inadvertently selecting unverified images. Additionally, infrastructure-as-code tools like Terraform have started issuing warnings when the "most_recent = true" parameter is used without specifying an AMI owner, with plans to enforce stricter validation in future versions.

Strengthening Cloud Security Practices

To minimize exposure to such tactics, organizations managing AWS environments should review their AMI retrieval processes and ensure that all searches specify an owner ID or an approved AMI list. Incorporating security best practices such as:

• Implementing strict access controls on AMI selection
• Regularly auditing cloud configurations
• Utilizing AWS security features like Allowed AMIs
• Applying monitoring solutions to detect unusual deployments

By addressing these gaps, businesses can reduce the likelihood of falling victim to name confusion threats like whoAMI and enhance the overall security of their cloud-based infrastructure.