When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
Tags
| cmtmf-attack-pattern: | Resource Hijacking |
| country: | Moldova |
| attack-pattern: | Data Model Models Credentials - T1589.001 Multi-Factor Authentication - T1556.006 Python - T1059.006 Resource Hijacking - T1496 Software - T1592.002 Vulnerabilities - T1588.006 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 6fb6afd2-2282-4664-8a41-ef222ab40878 |
| Fingerprint | 9c3799909c1ecfcf |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 3, 2024, 1:20 p.m. |
| Added to db | Oct. 3, 2024, 3:31 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying |
| Title | When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying |
| Detected Hints/Tags/Attributes | 65/3/84 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://permiso.io/blog/exploiting-hosted-models |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 193 | ✔ | Cloud Chronicles | https://permiso.io/blog/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 5 | bedrock.amazonaws.com |
|
| Details | Domain | 1 | bedrock-runtime.eu-west-3.amazonaws.com |
|
| Details | Domain | 1 | bedrock.us-west-2.amazonaws.com |
|
| Details | Domain | 1 | bedrock.us-east-1.amazonaws.com |
|
| Details | Domain | 3 | chub.ai |
|
| Details | Domain | 1 | characterhub.org |
|
| Details | Domain | 1 | gitgud.io |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 1 | smiles.com.br |
|
| Details | Domain | 2 | support.aws.com |
|
| Details | Domain | 72 | aws.amazon.com |
|
| Details | Domain | 3 | repost.aws |
|
| Details | Domain | 44 | docs.aws.amazon.com |
|
| Details | 2 | trustandsafety@support.aws.com |
||
| Details | File | 1 | reference_policies_examples_aws_deny-ip.html |
|
| Details | File | 1 | security_iam_id-based-policy-examples.html |
|
| Details | Github username | 1 | songquanpeng |
|
| Details | sha256 | 1 | 6571064468d50be4ebfd004a948cfa3394c7802b1a8479a451f6d6baa71894f3 |
|
| Details | IPv4 | 2 | 198.44.136.222 |
|
| Details | IPv4 | 2 | 104.28.219.72 |
|
| Details | IPv4 | 3 | 122.0.0.0 |
|
| Details | IPv4 | 2 | 194.48.248.108 |
|
| Details | IPv4 | 20 | 128.0.0.0 |
|
| Details | IPv4 | 4 | 126.0.0.0 |
|
| Details | IPv4 | 2 | 103.136.147.217 |
|
| Details | IPv4 | 2 | 103.136.147.219 |
|
| Details | IPv4 | 2 | 103.216.220.23 |
|
| Details | IPv4 | 2 | 103.216.220.43 |
|
| Details | IPv4 | 2 | 104.28.202.29 |
|
| Details | IPv4 | 2 | 104.28.202.30 |
|
| Details | IPv4 | 3 | 104.28.232.2 |
|
| Details | IPv4 | 2 | 119.94.179.194 |
|
| Details | IPv4 | 2 | 122.53.224.172 |
|
| Details | IPv4 | 2 | 124.104.213.208 |
|
| Details | IPv4 | 2 | 124.83.121.30 |
|
| Details | IPv4 | 2 | 138.199.43.100 |
|
| Details | IPv4 | 3 | 143.244.47.70 |
|
| Details | IPv4 | 2 | 143.244.47.87 |
|
| Details | IPv4 | 2 | 146.70.165.189 |
|
| Details | IPv4 | 2 | 146.70.165.216 |
|
| Details | IPv4 | 2 | 146.70.166.233 |
|
| Details | IPv4 | 2 | 146.70.168.125 |
|
| Details | IPv4 | 2 | 146.70.168.152 |
|
| Details | IPv4 | 2 | 146.70.168.253 |
|
| Details | IPv4 | 2 | 146.70.171.152 |
|
| Details | IPv4 | 2 | 146.70.185.24 |
|
| Details | IPv4 | 2 | 146.70.185.61 |
|
| Details | IPv4 | 2 | 148.251.255.77 |
|
| Details | IPv4 | 2 | 156.146.54.85 |
|
| Details | IPv4 | 2 | 173.205.85.53 |
|
| Details | IPv4 | 2 | 173.205.93.11 |
|
| Details | IPv4 | 2 | 180.191.160.171 |
|
| Details | IPv4 | 2 | 180.191.161.165 |
|
| Details | IPv4 | 2 | 180.191.161.78 |
|
| Details | IPv4 | 2 | 180.191.161.87 |
|
| Details | IPv4 | 2 | 180.191.162.211 |
|
| Details | IPv4 | 2 | 180.191.163.185 |
|
| Details | IPv4 | 2 | 180.191.163.242 |
|
| Details | IPv4 | 2 | 180.191.163.34 |
|
| Details | IPv4 | 2 | 180.191.165.245 |
|
| Details | IPv4 | 2 | 180.191.167.19 |
|
| Details | IPv4 | 2 | 180.191.167.237 |
|
| Details | IPv4 | 2 | 180.191.167.87 |
|
| Details | IPv4 | 2 | 180.191.172.143 |
|
| Details | IPv4 | 2 | 180.191.172.17 |
|
| Details | IPv4 | 2 | 180.191.172.58 |
|
| Details | IPv4 | 2 | 180.191.173.122 |
|
| Details | IPv4 | 2 | 198.44.136.117 |
|
| Details | IPv4 | 4 | 3.223.72.184 |
|
| Details | IPv4 | 2 | 31.171.154.59 |
|
| Details | IPv4 | 2 | 34.211.200.85 |
|
| Details | IPv4 | 2 | 44.227.217.144 |
|
| Details | IPv4 | 2 | 45.85.144.253 |
|
| Details | IPv4 | 2 | 45.87.213.230 |
|
| Details | Url | 1 | https://bedrock.us-east-1.amazonaws.com/foundation-model-availability/anthropic.claude |
|
| Details | Url | 1 | https://bedrock.us-east-1.amazonaws.com/use-case-for-model-access |
|
| Details | Url | 1 | https://gitgud.io/khanon/oai-reverse-proxy |
|
| Details | Url | 1 | https://github.com/songquanpeng/one-api |
|
| Details | Url | 1 | https://www.virustotal.com/gui/collection/6571064468d50be4ebfd004a948cfa3394c7802b1a8479a451f6d6baa71894f3/iocs |
|
| Details | Url | 2 | https://aws.amazon.com/aup |
|
| Details | Url | 1 | https://repost.aws/knowledge-center/report-aws-abuse |
|
| Details | Url | 1 | https://aws.amazon.com/iam |
|
| Details | Url | 1 | https://docs.aws.amazon.com/iam/latest/userguide/reference_policies_examples_aws_deny-ip.html |
|
| Details | Url | 1 | https://docs.aws.amazon.com/bedrock/latest/userguide/security_iam_id-based-policy-examples.html |