AI Service Proxies
This technique has been observed in real-world attacks on AI systems.
Adversaries may utilize commercial proxy services that resell access to AI services such as frontier model APIs.
This infrastructure can be used to conduct large-scale campaigns to perform [Exfiltration via AI Inference API](/techniques/AML.T0024) via distillation. Adversaries may also use this infrastructure to [Generate Malicious Commands](/techniques/AML.T0102) for offensive cyber operations, or to generate content for [Spearphishing via Social Engineering LLM](/techniques/AML.T0052.000).
Commercial AI service proxies distribute traffic from different accounts and various cloud platforms. The mix of traffic can make malicious activity difficult to detect and block [\[1\]][1].
Malicious actors conduct [LLM Jacking](https://atlas.mitre.org/studies/AML.CS0030) attacks to gain access to victim accounts which they resell access to in their proxy services [\[2\]][2].
[1]: https://www.anthropic.com/news/detecting-and-preventing-distillation-attacks [2]: https://sysdig.com/blog/llmjacking-stolen-cloud-credentials-used-in-new-ai-attack/