Cloud-based cyber-attacks saw a marked increase in 2024, with threat actors adopting new tactics to exploit cloud resources at an unprecedented scale, according to Sysdig Threat Research Team’s (TRT) latest report.
Beyond LLMjacking, which was observed by the firm to target large language models (LLMs), attackers in 2024 weaponized open-source tools and escalated their use of automation, causing financial damage and increasing the attack surface for cloud-hosted enterprises.
“The stolen enterprise access in the first LLMjacking attack was a local Anthropic Claude 2. x model that could cost victims up to $46,000 per day in consumption costs. These daily costs for the newer Claude 3.5 Opus version could double or triple the daily cost,” Sysdig explained.
Weaponized Open-Source Tools Increase Cloud Attack Scale
Notable among the new attacks is the use of SSH-Snake, an open-source tool originally developed for penetration testing. The Crystalray threat group used this tool to steal over 1,500 unique credentials in just five months, targeting the US, China and other regions.
Crystalray victims, many of them cloud service users, faced severe security breaches and credential loss, further compounded by the growing number of cloud vulnerabilities.
No tags.
