whoAMI Attack Lets Hackers Gain Code Execution in AWS Accounts via AMI Name Confusion

Feb 14, 2025 | News


Security researchers have uncovered a name confusion attack that allows unauthorized access to Amazon Web Services (AWS) accounts through the manipulation of Amazon Machine Images (AMIs). The attack, dubbed “whoAMI”, was developed by DataDog researchers in August 2024 and demonstrates how attackers can gain code execution within AWS accounts by exploiting flawed AMI retrieval processes.

While Amazon addressed the issue in September 2024, the risk remains for organizations that have not updated their code or security configurations.

Exploiting AWS AMI Selection

AMIs are preconfigured virtual machines used to create AWS Elastic Compute Cloud (EC2) instances. Users typically search AWS’s catalog for the AMI ID of their desired instance. However, if the AMI search fails to specify a trusted owner, AWS may return AMIs from any public source, including malicious ones.

The whoAMI attack exploits common misconfigurations in AWS environments, such as:

  • Using the ec2:DescribeImages API without specifying an AMI owner, allowing AWS to return all publicly available AMIs.
  • Employing wildcards in AMI selection scripts rather than referencing specific AMI IDs.
  • Infrastructure-as-code tools (e.g., Terraform) using most_recent = true, which automatically selects the latest AMI that matches a given name—potentially choosing a malicious AMI instead of a legitimate one.

Figure: Demonstrating the retrieval of a malicious AMI instead of a trusted one (Source: DataDog)


How Attackers Leverage Name Confusion

By publishing an AMI with a name similar to a trusted resource, attackers can trick AWS environments into selecting their malicious AMI. If an organization’s system fetches AMIs using wildcards or improper filtering, it may unknowingly launch an EC2 instance using the attacker’s backdoored AMI.

Unlike traditional AWS account takeovers, this attack does not require breaching the victim’s account. Instead, attackers create a public AMI, name it strategically, and wait for vulnerable systems to pull and deploy it automatically.


AWS Response and Mitigation

After being alerted by DataDog, Amazon confirmed that some of its internal non-production systems were vulnerable to whoAMI attacks.

AWS released a fix on September 19, 2024, followed by a new security feature called “Allowed AMIs” in December. This feature lets customers create a whitelist of trusted AMI providers, preventing unauthorized AMI selection.




Protecting Your AWS Environment

Amazon advises all AWS users to:

  • Specify AMI owners when using the ec2:DescribeImages API to ensure that only trusted AMIs are retrieved.
  • Enable the “Allowed AMIs” feature via AWS Console → EC2 → Account Attributes → Allowed AMIs to block untrusted AMIs.
  • Audit and update infrastructure code (e.g., Terraform, AWS CLI, Python Boto3, Go AWS SDK) to safely retrieve AMIs.
  • Check for unauthorized AMIs already in use by first enabling Audit Mode in ‘Allowed AMIs’, then switching to Enforcement Mode to block them.

Additionally, Terraform version 5.77 (released in November 2024) now warns users when "most_recent = true" is used without an owner filter, with stricter enforcement coming in Terraform 6.0.

For organizations concerned about existing risks, DataDog has released an AWS scanner to detect EC2 instances running untrusted AMIs, available on GitHub.
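The misconfigurations listed above and the owner-based checks recommended as mitigations can be shown side by side on the data shape that ec2:DescribeImages returns. The example below is added here and is not code from DataDog, AWS or the article; the account IDs, AMI IDs and image names are constructed placeholders. The same selection logic applies to a boto3 call such as `ec2.describe_images(Owners=[...], Filters=[{"Name": "name", "Values": [...]}])` and to a Terraform `aws_ami` data source with `most_recent = true`.

```python
from fnmatch import fnmatch
from typing import Dict, Iterable, List, Optional, Set

# Placeholder account IDs (constructed, not real accounts).
TRUSTED_OWNER = "111111111111"    # the vendor account you intend to use
UNTRUSTED_OWNER = "999999999999"  # any other account that published a look-alike

# Constructed sample of the "Images" list that ec2:DescribeImages returns for a
# name filter when no Owners restriction is given: every matching public AMI,
# regardless of who published it. Only the fields used below are included.
SAMPLE_IMAGES: List[Dict[str, str]] = [
    {"ImageId": "ami-0000000000trusted", "OwnerId": TRUSTED_OWNER,
     "Name": "example-linux/hvm-ssd/server-20240801",
     "CreationDate": "2024-08-01T10:00:00.000Z"},
    {"ImageId": "ami-000000000lookalike", "OwnerId": UNTRUSTED_OWNER,
     "Name": "example-linux/hvm-ssd/server-20240901",  # same prefix, newer date
     "CreationDate": "2024-09-01T10:00:00.000Z"},
]


def most_recent_ami(images: Iterable[Dict[str, str]], name_pattern: str,
                    owners: Optional[Iterable[str]] = None) -> Optional[str]:
    """Emulate a 'most_recent = true' lookup: the newest image whose Name matches
    the wildcard pattern. With owners=None the look-alike wins simply because it
    is newer; restricting owners is what makes the result trustworthy."""
    allowed = set(owners) if owners is not None else None
    candidates = [img for img in images
                  if fnmatch(img["Name"], name_pattern)
                  and (allowed is None or img["OwnerId"] in allowed)]
    if not candidates:
        return None
    # ISO-8601 timestamps in the same zone sort correctly as strings.
    return max(candidates, key=lambda img: img["CreationDate"])["ImageId"]


def untrusted_ami_instances(instances: Iterable[Dict[str, str]],
                            images: Iterable[Dict[str, str]],
                            allowed_owners: Set[str]) -> List[str]:
    """Audit step: return instance IDs whose AMI is not owned by an allowed
    account. An AMI that can no longer be described (e.g. deregistered) has no
    known owner and is flagged too, so it can be reviewed rather than ignored."""
    owner_of = {img["ImageId"]: img["OwnerId"] for img in images}
    return [inst["InstanceId"] for inst in instances
            if owner_of.get(inst["ImageId"]) not in allowed_owners]
```

Running the lookup with and without `owners` on the sample data returns the look-alike AMI in the first case and the trusted one in the second, which is exactly the difference an owner filter or the Allowed AMIs setting makes.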

With attackers actively exploiting misconfigured AMI selection, AWS users must review their AMI retrieval processes to avoid falling victim to whoAMI attacks.


Source: bleepingcomputer.com
