{"id":57295,"date":"2024-10-04T18:08:35","date_gmt":"2024-10-04T18:08:35","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36433\/LLM-Hijacking-Of-Cloud-Infrastructure-Uncovered-By-Researchers.html"},"modified":"2024-10-04T18:08:35","modified_gmt":"2024-10-04T18:08:35","slug":"llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/","title":{"rendered":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_833347907.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>\u201cLLM hijacking\u201d of cloud infrastructure for generative AI has been leveraged by attackers to run rogue chatbot services at the expense of victims, Permiso researchers reported Thursday.<\/p>\n<p>Attacks on Amazon Bedrock environments, which support access to foundational large language models (LLMs) such as Anthropic\u2019s Claude, were outlined <a href=\"https:\/\/permiso.io\/blog\/exploiting-hosted-models\" data-type=\"link\" data-id=\"https:\/\/permiso.io\/blog\/exploiting-hosted-models\">in a Permiso blog post<\/a>, with a honeypot set up by Permiso showing how hijackers used the stolen resources to run jailbroken chatbots for sexual roleplay.<\/p>\n<p>Threat actors leverage AWS access keys leaked on platforms like GitHub to programmatically communicate with API endpoints, allowing them to check model availability, request model access and ultimately prompt the model using the victim\u2019s resources. The blog identified a total of nine APIs targeted by the attackers, most of which are typically only accessed via the AWS Web Management Console, according to Permiso.<\/p>\n<p>\u201cAWS services are operating securely, as designed, and no customer action is needed. The researchers devised a testing scenario that deliberately disregarded security best practices to test what may happen in a very specific scenario. No customers were put at risk,\u201d an AWS spokesperson said in a statement to SC Media. &nbsp;<\/p>\n<h2>Why do attackers target LLM cloud services?<\/h2>\n<p>Hijacking of cloud resources via exposed access keys is often used by threat actors for financially motivated activities such as spam email campaigns and cryptomining. After Permiso researchers observed attackers increasingly targeting LLM cloud services like Amazon Bedrock, they set up their own honeypot to better understand how attackers were leveraging the stolen infrastructure.<\/p>\n<p>The Permiso researchers established their own Amazon Bedrock instance and intentionally leaked their access key in a file on GitHub to create their honeypot. Attackers began attempting to conduct activities on the honeypot \u201cwithin minutes,\u201d but the scale of LLM invocations by hijackers didn\u2019t take off until about 40 days after the initial access key leak, when the environment saw more than 75,000 prompts processed over the course of two days.<\/p>\n<p>With invocation logging enabled on their honeypot environment, the researchers were able to read the prompts and responses to and from the LLMs, revealing the vast majority to be related to sexual roleplay with various virtual characters. This suggested the hijacker was leveraging the ill-gotten infrastructure to run a chatbot service using jailbreaks to bypass the content filters of the LLMs. A \u201csmall percentage\u201d of the content observed also involved roleplay related to child sexual abuse.<\/p>\n<p>The most common model abused by the hijackers was Anthropic\u2019s Claude 3 Sonnet. Anthropic told SC Media its models are incapable of producing images and videos and that any child sexual abuse material (CSAM) input to the model is reported to the National Center for Missing and Exploited Children. The company also works with child safety advocacy organization Thorn to test and fine-tune its models against content related to child grooming and abuse.<\/p>\n<p>\u201cJailbreaks are an industry-wide concern and our teams at Anthropic are actively working on novel techniques to make our models even more resistant to these kinds of attacks. We remain committed to implementing strict policies and advanced technologies to protect users, as well as publishing our own research so that other AI developers can learn from it. We appreciate the research community\u2019s efforts in highlighting potential vulnerabilities,\u201d an Anthropic spokesperson said in a statement.<\/p>\n<p>During the honeypot experiment, which began on June 25, 2024, AWS automatically identified and notified Permiso about the leaked access key on GitHub the same day the file containing the key was uploaded. AWS applied the policy \u201cAWSCompromisedKeyQuarantineV2\u201d a few weeks later, on Aug. 1, 2024; however, services related to Bedrock were not blocked under this policy at the time, according to Permiso.<\/p>\n<p>The honeypot account was ultimately blocked from using further Bedrock resources on Aug. 6, 2024, a day after invocations by the hijackers reached into the thousands. AWS updated its quarantine policies on Oct. 2, 2024, to include blocking of several of the APIs used by the hijackers, according to Permiso\u2019s timeline.<\/p>\n<p>Permiso\u2019s blog post circumstantially links the honeypot activity to a service know as Character Hub or Chub AI, which offers uncensored conversations with various chatbots. Blog author Ian Ahl, senior vice president of p0 Labs at Permiso, told SC Media this hypothesis was based on many of the character names from the honeypot logs being the same as characters available on Chub, as well a similar jailbreak techniques being identified, but acknowledged that with popular characters and publicly available jailbreak templates being used, it was \u201chard to count as hard evidence.\u201d<\/p>\n<p>Chub AI told SC Media it has no connection to any cloud attacks and uses its own infrastructure to run its own LLMS, emphasizing that the service does not enable or condone any illegal activity.<\/p>\n<p>\u201cThe reason our characters come up in the prompts is not, and I cannot emphasize this enough, not because they are coming from us. The reason the prompts contain our characters is because we are the largest open repository of character prompts on the internet,\u201d the Chub AI spokesperson told SC Media. \u201cChat prompts going from or to any API, for any language model, will contain a large volume of our characters.\u201d<\/p>\n<p>The spokesperson also said less than 1% of messages sent through its chat user interface go to Anthropic models and that \u201cany individuals participating in such attacks can use any number of UIs that allow user-supplied keys to connect to third-party APIs.\u201d<\/p>\n<p>Chub AI\u2019s terms of service also forbid any use of real, drawn or AI-generated sexual images of children.<\/p>\n<h2>How to protect your cloud environments from LLM hijacking<\/h2>\n<p>AWS said in a statement that customers should avoid the use of long-term access keys (AKIAs) whenever possible to prevent keys from being inadvertently leaked and misused.<\/p>\n<p>\u201cInstead, human principals should use identity federation and multi-factor authentication through Identity Center and\/or external identity providers. Software should obtain and use temporary AWS credentials via IAM roles for EC2, ECS\/EKS, and Lambda if running inside AWS, and IAM Roles Anywhere if operating outside of AWS,\u201d the AWS statement read.<\/p>\n<p>Ahl also told SC Media that AWS customers should monitor for the use of AKIAs to access APIs like \u201cGetFoundationModelAvailability,\u201d \u201cPutUseCaseForModelAccess,\u201d \u201cGetUseCaseForModelAccess,\u201d \u201cCreateFoundationModelAgreement\u201d and \u201cPutFoundationModelEntitlement,\u201d as these APIs are not meant to be accessed via AKIAs, but rather through the AWS Web Management Console.<\/p>\n<p>Users should also monitor the use of AKIAs without a user agent or with \u201cMozilla\u201d as a user agent and investigate spikes in model invocations or cloud service billing that could indicate rogue use of generative AI resources.<\/p>\n<p>A full list of atomic indicators of compromise and attacker tactics, techniques, and procedures (TTPs) for LLM hijacking are listed under \u201cDetections and Indicators\u201d in the Permiso blog post.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/36433\/LLM-Hijacking-Of-Cloud-Infrastructure-Uncovered-By-Researchers.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":57296,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[140],"class_list":["post-57295","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehacker"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-04T18:08:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_833347907.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers\",\"datePublished\":\"2024-10-04T18:08:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/\"},\"wordCount\":1121,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg\",\"keywords\":[\"headline,hacker\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/\",\"name\":\"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg\",\"datePublished\":\"2024-10-04T18:08:35+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg\",\"width\":800,\"height\":571},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehacker\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/","og_locale":"en_US","og_type":"article","og_title":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-10-04T18:08:35+00:00","og_image":[{"url":"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_833347907.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers","datePublished":"2024-10-04T18:08:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/"},"wordCount":1121,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg","keywords":["headline,hacker"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/","url":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/","name":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg","datePublished":"2024-10-04T18:08:35+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers.jpg","width":800,"height":571},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/llm-hijacking-of-cloud-infrastructure-uncovered-by-researchers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehacker\/"},{"@type":"ListItem","position":3,"name":"LLM Hijacking Of Cloud Infrastructure Uncovered By Researchers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=57295"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57295\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/57296"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=57295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=57295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=57295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}