ElevenLabs services

Incidents implicated systems

Incident 8982 Reports
Alleged LLMjacking Targets AI Cloud Services with Stolen Credentials

2024-05-06

Attackers reportedly exploited stolen cloud credentials obtained through a vulnerable Laravel system (CVE-2021-3129) to allegedly abuse AI cloud services, including Anthropic’s Claude and AWS Bedrock, in a scheme referred to as “LLMjacking.” The attackers are said to have monetized access through reverse proxies, reportedly inflating victim costs to as much as $100,000 per day. Additionally, they allegedly bypassed sanctions, enabled LLM models, and evolved techniques to evade detection and logging.

ElevenLabs services

Incidents implicated systems

Incident 8982 ReportsAlleged LLMjacking Targets AI Cloud Services with Stolen Credentials

Related Entities

LLMjacking Attackers Exploiting Laravel

Incidents involved as Deployer

Entities engaging in Russian sanctions evasion

Incidents involved as Deployer

OAI Reverse Proxy Tool Creators

Incidents involved as Developer

LLMjacking Reverse Proxy Tool Creators

Incidents involved as Developer

Laravel users

Incidents Harmed By

Laravel CVE-2021-3129 users

Incidents Harmed By

Cloud LLM users

Incidents Harmed By

Cloud LLM service providers

Incidents Harmed By

OpenRouter services

Incidents implicated systems

OpenAI models

Incidents implicated systems

Mistral-hosted models

Incidents implicated systems

MakerSuite tools

Incidents implicated systems

GCP Vertex AI models

Incidents implicated systems

Azure-hosted LLMs

Incidents implicated systems

AWS Bedrock-hosted models

Incidents implicated systems

Anthropic Claude (v2/v3)

Incidents implicated systems

AI21 Labs models

Incidents implicated systems

Incident 8982 Reports
Alleged LLMjacking Targets AI Cloud Services with Stolen Credentials