Amazon AI coding agent hacked to inject data wiping commands

less than 1 minute read

I think this aws spokesperson just gave us new information. Edit: no, this was in the AWS security blog.

As reported by 404 Media, on July 13, a hacker using the alias ‘lkmanka58’ added unapproved code on Amazon Q’s GitHub to inject a defective wiper that wouldn’t cause any harm, but rather sent a message about AI coding security.

They read my long and noisy xitter thread.

Source: mbgsec.com

Hey look ma I’m a source.

“Security is our top priority. We quickly mitigated an attempt to exploit a known issue in two open source repositories to alter code in the Amazon Q Developer extension for VS Code and confirmed that no customer resources were impacted. We have fully mitigated the issue in both repositories. No further customer action is needed for the AWS SDK for .NET or AWS Toolkit for Visual Studio Code repositories. Customers can also run the latest build of Amazon Q Developer extension for VS Code version 1.85 as an added precaution.” - Amazon spokesperson

This is new, right? AWS SDK for .NET

Direct Link

Share on

X Facebook LinkedIn Bluesky

Pwn the Enterprise - thank you AI! Slides, Demos and Techniques

6 minute read

We’re getting asks for more info about the 0click AI exploits we dropped this week at DEFCON / BHUSA. We gave a talk at BlackHat, but it’ll take time bef...

Someone Is Cleaning Up Evidence

1 minute read

AWS security blog confirms the attacker gained access to a write token and abused it to inject the malicious prompt. This confirms our earlier findings.

Reconstructing a timeline for Amazon Q prompt infection

4 minute read

In the 404media article the hacker explains how they did it:

Why Aren’t We Making Any Progress In Security From AI