-

Security Advisory: Mitiga Recommends All AWS Customers Running Community AMIs to Verify Them for Malicious Code

Out of an abundance of caution, Community AMIs currently utilized on EC2 instances should be verified, terminated or replaced by AMIs exclusively from trusted sources.

TEL-AVIV--(BUSINESS WIRE)--Mitiga, an Incident Readiness & Response company, is issuing a global advisory warning AWS customers running EC2 instances based on Community AMIs (Amazon Machine Instances), from potentially embedded malicious code. AWS customers are strongly advised to verify Community AMI integrity before continuing using them on EC2 instances.

It is in Mitiga’s further assessment that AMIs provided by trusted vendors on the AWS Marketplace do not present any such risk.

At a recent customer engagement with a financial institution, Mitiga was asked to assess its environment's cloud resiliency, in order to be better prepared for a possible security incident. As part of our assessment of the organization’s AWS environment against a bank of attack scenarios, Mitiga’s security specialists discovered an active Monero crypto miner on one of the company's EC2 servers.

Further investigation indicated the malicious code containing the crypto miner was packaged into a ‘Microsoft Windows – Server 2008’ Community AMI used to create the EC2 server instance.

The malicious party that published this AMI on the AWS Marketplace designed it to execute a form of financial fraud: Bill AWS customer accounts for compute, while extracting crypto on the other end.

Equally, an adversary could have planted a backdoor, allowing a threat actor to connect to the Windows machine and leverage it to access other areas of the environment, potentially accessing the entire EC2 infrastructure of the affected AWS account. Another viable threat scenario would be the planting of ransomware with a delayed trigger.

“Embracing community-sourced code within business-critical environments introduces significant risk,” said Mitiga Co-Founder & CTO, Ofer Maor. “This is yet another example of the risks posed by today’s cloud marketplaces, offering easy to use solutions, while introducing risks of embedding insecure or malicious code and binaries, oftentimes from unknown sources.”

As this malicious AMI may indicate a phenomenon, rather than an isolated occurrence, it is in Mitiga’s professional opinion that the potential risk posed by to AWS customers warrants the rather dramatic advisory warning being issued. Therefore, out of an abundance of caution, companies utilizing Community AMIs are recommend to verify, terminate, or seek AMIs from trusted sources for their EC2 instances.

About Mitiga:

Mitiga provides remote Incident Readiness & Response services to clients that operate hybrid and full cloud environments. Using managed services infused with a reimagined Incident Response technology stack, Mitiga bolsters organizations’ security resiliency, accelerating their post-incident bounce-back to Business-as-Usual, from days down to hours. For more information, go to: mitiga.io

Contacts

Press Contact: Roi Carthy | press@mitiga.io

Mitiga


Release Versions

Contacts

Press Contact: Roi Carthy | press@mitiga.io

More News From Mitiga

Mitiga Launches Agentic Runtime Security for Modern Infrastructure

NEW YORK--(BUSINESS WIRE)--Mitiga, the leader in Zero-Impact Breach Prevention, today announced Agentic Runtime Security for the Modern Infrastructure – a new approach to runtime detection and response across cloud, SaaS, identity, AI, and third-party services that anticipates, detects, interrupts, and stops active attacks before they impact the business. EDR protects endpoints. Mitiga protects everything else. For two decades, security operations centered on the endpoint. EDR carried the load,...

Mitiga Labs Launches Skillgate to Detect Risks in AI Agent Skills and Configurations

NEW YORK--(BUSINESS WIRE)--Mitiga, the leader in agentic runtime security for cloud, SaaS, and AI, today announced the release of Skillgate, a free tool from Mitiga Labs that scans the configuration files AI agents rely on – including skills, hooks, agent rules, MCP server configurations, and instruction files such as CLAUDE.md and AGENTS.md. Skillgate detects, flags, and scores them for prompt injection, hook remote code execution (RCE), credential exfiltration, and other attack techniques. Sk...

Mitiga Reports Exceptional Growth as Enterprises Embrace Real-Time Cloud Detection and Response

NEW YORK--(BUSINESS WIRE)--Mitiga, the leader in zero-impact cloud detection and response (CDR), today announced significant momentum across its product portfolio, partner ecosystem, and business operations as the company continues its rapid growth. With major AI-native CDR platform advances, expanded channel and technology alliances, and strong customer growth in 2025, Mitiga is poised to define the AI detection and response (AIDR) market in 2026. Highlights include: Accelerated R&D and ma...
Back to Newsroom