February 13, 2025 By Bill Toulas

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone who publishes an Amazon Machine Image (AMI) with a specific name.
Dubbed "whoAMI," the attack was crafted by Datadog researchers in August 2024, who demonstrated that it's possible for attackers to gain code execution within AWS accounts by exploiting how software projects retrieve AMI IDs.
Amazon confirmed the vulnerability and pushed a fix in September, but the problem persists on the customer side in environments where organizations fail to update the code.
Carrying out the whoAMI attack
AMIs are virtual machines preconfigured with the necessary software (operating system, applications) used for creating virtual servers, which are called EC2 (Elastic Compute Cloud) instances in the AWS ecosystem.
There are public and private AMIs, each with a specific identifier. In the case of public ones, users can search in the AWS catalog for the right ID of the AMI they need.
To make sure that the AMI is from a trusted source in the AWS marketplace, the search needs to include the 'owners' attribute; otherwise the risk of a whoAMI name confusion attack increases.
The whoAMI attack is possible due to misconfigured AMI selection in AWS environments:
- The retrieval of AMIs by software using the ec2:DescribeImages API without specifying an owner
- The use of wildcards by scripts instead of specific AMI IDs
- The practice of some infrastructure-as-code tools like Terraform using "most_recent=true," automatically picking the latest AMI that matches the filter.
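The three misconfigurations above combine into one lookup: filter by a wildcard name, take the most recent match, and never check who published it. The following added example (not code from the article or from Datadog) simulates that lookup over a constructed ec2:DescribeImages result, so it runs offline; the account IDs, image IDs and names are made up, and the "most recent" rule mirrors Terraform's most_recent=true.

```python
from datetime import datetime
from fnmatch import fnmatch

# Constructed sample of a DescribeImages response, trimmed to the fields
# that matter. TRUSTED_OWNER is a placeholder for the vendor account you
# actually vetted; 999999999999 stands in for an arbitrary third party.
TRUSTED_OWNER = "123456789012"
SAMPLE_IMAGES = [
    {"ImageId": "ami-0aaa111",
     "Name": "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240801",
     "OwnerId": TRUSTED_OWNER, "CreationDate": "2024-08-01T10:00:00.000Z"},
    # Same naming scheme, newer date, different (unknown) publisher.
    {"ImageId": "ami-0bbb222",
     "Name": "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240901",
     "OwnerId": "999999999999", "CreationDate": "2024-09-01T10:00:00.000Z"},
]

NAME_PATTERN = "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"


def select_ami(images, name_pattern, owners=None):
    """Filter by wildcard name, optionally by owner, then pick the newest.

    owners=None reproduces the weak configuration (no owner check); passing
    a list of account IDs reproduces the 'owners' attribute the article
    says every lookup should include.
    """
    candidates = [img for img in images if fnmatch(img["Name"], name_pattern)]
    if owners is not None:
        candidates = [img for img in candidates if img["OwnerId"] in owners]
    if not candidates:
        return None
    # most_recent=true semantics: the latest CreationDate wins.
    return max(candidates, key=lambda img: datetime.strptime(
        img["CreationDate"], "%Y-%m-%dT%H:%M:%S.%fZ"))


def vulnerable_lookup():
    """Wildcard name + most recent, no owner: the whoAMI-prone query."""
    return select_ami(SAMPLE_IMAGES, NAME_PATTERN)["ImageId"]


def hardened_lookup():
    """Same query restricted to the vetted publisher account."""
    return select_ami(SAMPLE_IMAGES, NAME_PATTERN, owners=[TRUSTED_OWNER])["ImageId"]


if __name__ == "__main__":
    print("without owners:", vulnerable_lookup())  # the newer, unknown image
    print("with owners:   ", hardened_lookup())    # the vetted image
```

In Terraform the equivalent fix is setting the `owners` argument on the `aws_ami` data source (and the `Owners` parameter on the DescribeImages call in scripts), which is exactly the filter this simulation adds.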