Security News > 2020 > August > Researchers Sound Alarm Over Malicious AWS Community AMIs
The AWS marketplace also includes tens of thousands of Community AMIs.
"The issue is with the Community AMIs and that there are no checks and balances. Anybody can create one and put it in the Community AMI library. That includes ones with malicious executables."
"You use a shared AMI at your own risk. Amazon can't vouch for the integrity or security of AMIs shared by other Amazon EC2 users. Therefore, you should treat shared AMIs as you would any foreign code that you might consider deploying in your own data center and perform the appropriate due diligence. We recommend that you get an AMI from a trusted source."
Mitiga researchers believe the attack vector includes bad actors taking a spray-and-pray approach to creating malicious AMIs.
Mitiga recommends, "Out of an abundance of caution, companies utilizing Community AMIs are recommend to verify, terminate, or seek AMIs from trusted sources for their EC2 instances."