Vercel, a web application deployment platform, identified unauthorized access to internal systems originating from the compromise of Context.ai, a third-party artificial intelligence (AI) tool used by an employee.
On BreachForums, a well-known black market for leaked data, confidential company information has been put up for sale for 2 million dollars. The package includes critical assets such as source code and access keys.
The compromised tool, Context.ai, was integrated using OAuth, a mechanism that allows external applications to access corporate accounts without sharing passwords, and served as a gateway to critical infrastructure, as reported by Vercel itself.
According to the security bulletin published by the company, the attacker used that access to take control of the affected employee’s Google Workspace account and, from there, escalated to internal environments.
The hacker gained access to environment variables (configuration files that may contain database access keys and service credentials) that were not marked as “sensitive.” Variables that do carry that marking, Vercel states, show no evidence of having been accessed.
According to the release shared this July 19, a limited subset of customers reported compromised credentials. Vercel contacted them directly and recommended immediate credential rotation. The company is working with Mandiant and other specialist firms, as well as law enforcement. The investigation remains open.
Vercel CEO speaks out about the hack
Guillermo Rauch, CEO of Vercel, described the attacking group as “highly sophisticated” and maintained that, in his opinion, it operated “significantly accelerated by AI,” based on the speed with which they moved and the detailed knowledge they demonstrated of the company’s internal systems.
Rauch further confirmed that Context.ai was contacted to determine the full scope of the incident and protect other organizations exposed to the same vector. Vercel’s newsletter warns that this tool has “hundreds of users in many organizations.”
While the investigation determines the true scope, Vercel recommends that all customers review and rotate environment variables and credentials, regardless of whether they were contacted.
In that context, and as reported by CriptoNoticias, Charles Guillemet, Ledger’s technology director, had warned days before the attack on Vercel that AI is reducing the cost and time necessary to generate exploits: “faster, cheaper and much more efficient than before”.
