News
Amazon’s AI Coding Assistant Compromised by Hacker’s Data-Wiping Code
A hacker managed to slip data-wiping instructions into Amazon’s AI-powered developer tool, the Amazon Q Developer Extension, raising fresh concerns about the security of open-source contributions and AI-based coding assistants.
The compromised version of the extension was live for nearly a week on Microsoft’s Visual Studio Code marketplace before Amazon became aware. And while the code didn’t execute as intended, the breach itself paints a concerning picture of internal workflow weaknesses.
Hacker Used a Pull Request to Inject Malicious Code
On July 13, a GitHub user operating under the name ‘lkmanka58’ committed unauthorized code to Amazon Q’s public repository. The commit included a wiper-style prompt instructing the tool to attempt actions like “clearing a system to a near-factory state” and deleting cloud resources.
Even more troubling? The attacker didn’t use some ultra-sophisticated exploit. Instead, they got in through a pull request, suggesting that someone at Amazon may have misconfigured repository permissions or failed to properly review incoming contributions.
And here’s the kicker—the malicious pull request was merged, and the code made it into a live version of the extension, labeled 1.84.0, which was published to nearly one million developers on July 17.
Amazon Stayed in the Dark Until Security Researchers Stepped In
For six days, the compromised code sat undetected in the wild. It wasn’t until July 23 that security researchers started flagging suspicious behavior linked to the extension.
AWS initiated an internal investigation almost immediately. One day later, they yanked the rogue code, revoked compromised credentials, and pushed a clean update—version 1.85.0—back into the marketplace.
Here’s what Amazon had to say in their bulletin:
“AWS Security subsequently identified a code commit through a deeper forensic analysis in the open-source VSC extension that targeted Q Developer CLI command execution. We immediately revoked and replaced the credentials, removed the unapproved code from the codebase, and released Amazon Q Developer Extension version 1.85.0.”
The incident appears to stem from a gap in oversight during pull request reviews—something many open-source projects still struggle with.
Malicious Code Didn’t Work as Intended—But It Still Got In
So what did the malicious code actually do? Well, not much—fortunately.
The data-wiping commands weren’t correctly formatted for Amazon Q’s environment and didn’t execute. But that doesn’t mean users were safe. A few developers who poked around reported that the code did trigger in some environments, though it caused no damage.
That’s still unsettling. Because even if it didn’t wipe your cloud, it still showed that code was committed, merged, published, and distributed without detection.
One security researcher told 404 Media the entire breach looked like a “proof of concept stunt” rather than a serious attempt to cause damage. The attacker’s goal may have been to raise awareness of AI security risks—not to destroy data.
It was a warning shot, loud and clear.
Amazon Q’s Popularity Meant Wider Exposure
The Amazon Q Developer Extension is no fringe tool. It’s a well-used, AI-powered assistant built to help developers write, debug, and configure code inside Visual Studio Code.
And according to marketplace data, it’s been installed nearly one million times.
That kind of adoption raises the stakes dramatically. While AWS says no actual user data or cloud infrastructure was touched, the trust implications are huge.
Here’s a quick timeline of how things unfolded:
July 13: Hacker commits unauthorized code via GitHub pull request
July 17: Compromised version 1.84.0 goes live in VSC Marketplace
July 23: Researchers detect strange behavior, report it to AWS
July 24: AWS releases clean version 1.85.0, removes bad code
July 26: Amazon confirms issue is fully resolved, no harm reported
That’s a six-day window where developers unknowingly ran potentially dangerous code.
Amazon Responds, Tries to Calm Nerves
In response to the incident, Amazon issued a statement through multiple channels. A spokesperson told BleepingComputer:
“Security is our top priority. We quickly mitigated an attempt to exploit a known issue in two open source repositories to alter code in the Amazon Q Developer extension for VS Code and confirmed that no customer resources were impacted.”
They emphasized that the issue has been “fully mitigated,” and that there’s no further action needed for users of the AWS SDK for .NET or the AWS Toolkit for Visual Studio Code.
Still, the company advised all Amazon Q users to make sure they’re running the latest version—1.85.0—just to be safe.
Lessons From the Breach: Trust Is Easy to Break
Even if this was just a prank or a message about the state of AI security, it laid bare some uncomfortable truths.
Code review processes failed
Repository permissions were too loose
The compromised tool reached a massive developer base
No one noticed until third-party researchers raised the flag
That’s not a great look for any company—especially one that builds cloud infrastructure for half the internet.
AI is rewriting how developers code, test, and deploy software. But this incident shows that when AI tools become compromised, the risks go way beyond bad suggestions. They could become dangerous in ways no one anticipates.
Mounting Consumer Spending Challenges Signal Investor Caution
Jimmy Kimmel Mourns Cleto Escobedo’s Sudden Death
Gemini Space Station Stock Crashes on Crypto Woes
DoorDash Data Breach Exposes User Info in October
David Coverdale Announces Shocking Rock Retirement
Toys “R” Us Canada Confirms Customer Data Leak After Cyber Attack
XRP Poised for Big Gains as Ripple Eyes SWIFT’s Global Payment Market
Hackers Turn RedTiger Into Data-Stealing Malware Targeting Discord Users
Millions of WordPress Sites Under Attack Through Old Plugin Flaws
