Researchers Discover AWS Systems Manager Agent Can Be Exploited as Remote Access Trojan

Researchers have discovered that the AWS Systems Manager Agent (SSM Agent) [6], a legitimate tool that sysadmins use to manage endpoints in an AWS account [3], can be repurposed as a Remote Access Trojan (RAT) on both Linux and Windows machines [4]. This is a significant threat because a threat actor who already holds high-privilege access can use the agent to gain persistent remote access to Amazon Web Services (AWS) EC2 instances and non-EC2 machines alike.


Because the SSM Agent is widely deployed and trusted [1] [2] [3] [4] [5] [6] [7], it is being misused by attackers for a range of malicious activity, including data theft, ransomware attacks [2] [3] [6], cryptocurrency mining [2] [3] [4] [6], and propagation to other endpoints within the network [2] [3] [6]. The technique hinges on the SSM Agent being controlled through an attacker-owned AWS account rather than the victim's. It is practical in real-world attacks [4] because the SSM Agent comes preinstalled on many popular Amazon Machine Images [3] [4].

Attackers can either hijack the running SSM Agent process so that it communicates with their own AWS account [3], or run a second, malicious agent process that communicates with their account while the original SSM Agent continues to communicate with the victim's AWS account [3]. Because the agent is a legitimate, trusted tool, either variant is difficult to detect.

Mitiga Security Inc. [4] identified these attack scenarios and shared its findings with the AWS security team, along with recommendations for mitigating the threat [1]. To detect the technique, organizations are advised to monitor for new instance IDs, specific commands [3], lost connections to SSM agents [3], new processes [3], and suspicious actions in CloudTrail logs. Additionally, it is recommended to remove the SSM Agent binary from the allow lists of antivirus and endpoint detection and response (EDR) solutions so that its activity is inspected, to integrate these detections into security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms, and to restrict which AWS accounts the agent can receive commands from by using the Virtual Private Cloud (VPC) endpoint for Systems Manager.
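The two log-based checks recommended above, implemented as an added example (this is not code from the article or from Mitiga): the first flags watched Systems Manager API calls in CloudTrail that come from an unapproved principal or target an instance ID that is not in the known inventory, and the second reports agents that have stopped reporting to the account. The CloudTrail records and the managed-instance inventory below are constructed sample data; the account ID, principal ARNs and instance IDs are placeholders, and the event names, the `eventSource` value and the `PingStatus`/`LastPingDateTime` fields follow the shape of real CloudTrail and `DescribeInstanceInformation` output.

```python
"""Detection helpers for SSM Agent hijacking: unexpected SSM API calls in
CloudTrail, and managed instances whose agent has gone silent."""
import json
from datetime import datetime, timedelta, timezone

# Systems Manager API calls worth watching (real CloudTrail eventName values).
WATCHED_SSM_EVENTS = {
    "SendCommand", "StartSession", "CreateActivation",
    "RegisterManagedInstance", "DeregisterManagedInstance",
}

# Assumed allow list of principals that legitimately drive SSM (placeholder ARNs).
APPROVED_PRINCIPALS = {"arn:aws:iam::111111111111:role/OpsAutomation"}
# Assumed inventory of instance IDs the organisation knows about (placeholders).
KNOWN_INSTANCE_IDS = {"i-0aaa111", "i-0bbb222", "i-0ccc333"}

# Constructed CloudTrail-style records (not real logs). Only the fields the
# checks use are included.
SAMPLE_EVENTS = [
    {"eventID": "e1", "eventSource": "ssm.amazonaws.com", "eventName": "SendCommand",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:role/OpsAutomation"},
     "requestParameters": {"instanceIds": ["i-0aaa111"], "documentName": "AWS-RunShellScript"}},
    {"eventID": "e2", "eventSource": "ssm.amazonaws.com", "eventName": "SendCommand",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/contractor-temp"},
     "requestParameters": {"instanceIds": ["i-0aaa111"], "documentName": "AWS-RunShellScript"}},
    {"eventID": "e3", "eventSource": "ssm.amazonaws.com", "eventName": "CreateActivation",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/contractor-temp"},
     "requestParameters": {"iamRole": "SSMServiceRole"}},
    {"eventID": "e4", "eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:role/OpsAutomation"},
     "requestParameters": {}},
    {"eventID": "e5", "eventSource": "ssm.amazonaws.com", "eventName": "SendCommand",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:role/OpsAutomation"},
     "requestParameters": {"instanceIds": ["i-0ffff999"], "documentName": "AWS-RunShellScript"}},
]

# Constructed managed-instance inventory in the shape of DescribeInstanceInformation.
NOW = datetime(2023, 8, 1, 12, 0, tzinfo=timezone.utc)
MAX_SILENCE = timedelta(minutes=30)
SAMPLE_INVENTORY = [
    {"InstanceId": "i-0aaa111", "PingStatus": "Online", "LastPingDateTime": "2023-08-01T11:58:00+00:00"},
    {"InstanceId": "i-0bbb222", "PingStatus": "ConnectionLost", "LastPingDateTime": "2023-08-01T09:10:00+00:00"},
    {"InstanceId": "i-0ccc333", "PingStatus": "Online", "LastPingDateTime": "2023-08-01T10:00:00+00:00"},
]


def flag_ssm_events(events, approved_principals, known_instance_ids):
    """Return one finding per watched SSM call that was made by a principal
    outside the allow list or that targets an instance ID not in the inventory."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "ssm.amazonaws.com":
            continue
        name = ev.get("eventName")
        if name not in WATCHED_SSM_EVENTS:
            continue
        principal = ev.get("userIdentity", {}).get("arn", "")
        params = ev.get("requestParameters") or {}
        targets = set(params.get("instanceIds", []))
        reasons = []
        if principal not in approved_principals:
            reasons.append(f"unapproved principal {principal}")
        unknown = targets - known_instance_ids
        if unknown:
            reasons.append(f"unknown instance ids {sorted(unknown)}")
        if reasons:
            findings.append({"eventID": ev.get("eventID"), "eventName": name, "reasons": reasons})
    return findings


def stale_agents(inventory, now, max_silence):
    """Return the instance IDs whose agent is not Online or has not pinged
    within max_silence. An agent redirected to another account stops
    reporting here, so a lost connection is a signal in its own right."""
    stale = []
    for item in inventory:
        last_ping = datetime.fromisoformat(item["LastPingDateTime"])
        if item.get("PingStatus") != "Online" or now - last_ping > max_silence:
            stale.append(item["InstanceId"])
    return stale


def run_checks():
    """Run both checks over the constructed sample data."""
    return {
        "suspicious_events": flag_ssm_events(SAMPLE_EVENTS, APPROVED_PRINCIPALS, KNOWN_INSTANCE_IDS),
        "stale_agents": stale_agents(SAMPLE_INVENTORY, NOW, MAX_SILENCE),
    }


if __name__ == "__main__":
    print(json.dumps(run_checks(), indent=2))
```

The lost-connection check matters because, as described above, a hijacked agent reports to the attacker's account: its `SendCommand` calls never appear in the victim's CloudTrail, so the only account-side trace is the agent going quiet. In a real deployment the inventory would come from `DescribeInstanceInformation` and the events from the CloudTrail export feeding the SIEM.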


The abuse of the SSM Agent as a RAT on both Linux and Windows machines poses serious risks to organizations using AWS, and they should implement the recommended mitigations to protect their systems and data. The discovery of this technique underlines the need for continuous monitoring and proactive security measures to keep pace with evolving threats in cloud environments.