2025-09-16, Main Room
Serverless is supposed to be safe. Functions are ephemeral, stateless, and isolated—until they're not.
In this talk, we reveal a novel persistence technique in AWS Lambda that leverages the trusted Extensions API. By injecting malicious extensions into Lambda Layers—often reused across multiple accounts—we show how attackers can silently persist inside seemingly ephemeral functions, exfiltrate secrets, and bypass runtime logging and application logic.
This is not a bug in IAM or the runtime. It’s a consequence of trust: many organizations adopt community or third-party Lambda Layers for monitoring, tracing, or instrumentation. If even one of those Layers is poisoned, it opens a stealthy path for persistent access.
We’ll walk through how these "Loiterers" survive beyond invocations, how they silently phone home, and how their behavior evades traditional detections. We’ll also release LambdaScope, a toolkit for defenders to uncover hidden extension activity via forensic signatures and dependency graph analysis.
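The two defensive checks the abstract points at, dependency graph analysis and spotting extension activity in Layers, can be sketched without any tooling beyond the standard library. The example below is added here and is not LambdaScope or any code from the speaker: it builds a Layer-to-function graph from records shaped like the `FunctionArn` and `Layers` fields of a Lambda function configuration, flags Layers owned by a different AWS account than the functions that attach them, and lists the files a Layer archive would install under `/opt/extensions/`, which is where the Extensions API picks up external extensions at environment init. All account IDs, ARNs and archive contents are constructed; in practice the archive bytes would come from the download URL returned for a layer version.

```python
"""Inventory Lambda Layers: who uses them, who owns them, and whether they ship extensions.

Added example; not the talk's LambdaScope toolkit. All identifiers are constructed.
"""
import io
import zipfile
from collections import defaultdict

# Constructed sample identifiers (not real accounts, functions or layers).
OWN_ACCOUNT = "111111111111"
VENDOR_ACCOUNT = "222222222222"
FN_ORDERS = f"arn:aws:lambda:us-east-1:{OWN_ACCOUNT}:function:orders-api"
FN_BILLING = f"arn:aws:lambda:us-east-1:{OWN_ACCOUNT}:function:billing-worker"
LAYER_UTILS = f"arn:aws:lambda:us-east-1:{OWN_ACCOUNT}:layer:shared-utils:7"
LAYER_TRACING = f"arn:aws:lambda:us-east-1:{VENDOR_ACCOUNT}:layer:tracing-agent:3"

# Shaped like the FunctionArn / Layers fields of a function configuration.
SAMPLE_FUNCTIONS = [
    {"FunctionArn": FN_ORDERS, "Layers": [{"Arn": LAYER_UTILS}, {"Arn": LAYER_TRACING}]},
    {"FunctionArn": FN_BILLING, "Layers": [{"Arn": LAYER_TRACING}]},
]


def build_zip(files: dict) -> bytes:
    """Build an in-memory layer archive from {path_inside_layer: bytes} (test data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed archives: a pure library layer and a layer that ships an external extension.
LIBRARY_ZIP = build_zip({"python/shared_utils/__init__.py": b"VERSION = '7'\n"})
AGENT_ZIP = build_zip({
    "extensions/tracing-agent": b"#!/bin/sh\n# constructed stand-in for an extension binary\n",
    "tracing-agent/config.json": b"{}\n",
})


def account_of(arn: str) -> str:
    """Account ID field of an ARN: arn:partition:service:region:account-id:resource."""
    return arn.split(":")[4]


def layer_dependency_graph(function_configs):
    """Map each layer ARN to the function ARNs that attach it."""
    graph = defaultdict(list)
    for cfg in function_configs:
        for layer in cfg.get("Layers", []):
            graph[layer["Arn"]].append(cfg["FunctionArn"])
    return dict(graph)


def cross_account_layers(graph):
    """Layers owned by an account other than the functions using them: the third-party trust boundary."""
    flagged = {}
    for layer_arn, fn_arns in graph.items():
        foreign = [fn for fn in fn_arns if account_of(fn) != account_of(layer_arn)]
        if foreign:
            flagged[layer_arn] = foreign
    return flagged


def extension_entries(layer_zip_bytes: bytes):
    """Files the layer would place under /opt/extensions/, i.e. external extensions Lambda
    starts at environment init. A layer that should be pure library code but lists
    anything here deserves a closer look."""
    with zipfile.ZipFile(io.BytesIO(layer_zip_bytes)) as zf:
        return sorted(
            name for name in zf.namelist()
            if name.startswith("extensions/") and not name.endswith("/")
        )


def review(function_configs, layer_archives):
    """Combine both checks into one report keyed by layer ARN."""
    graph = layer_dependency_graph(function_configs)
    foreign = cross_account_layers(graph)
    return {
        layer_arn: {
            "functions": fns,
            "cross_account": layer_arn in foreign,
            "extensions": extension_entries(layer_archives[layer_arn]) if layer_arn in layer_archives else [],
        }
        for layer_arn, fns in graph.items()
    }


if __name__ == "__main__":
    for arn, info in review(SAMPLE_FUNCTIONS, {LAYER_UTILS: LIBRARY_ZIP, LAYER_TRACING: AGENT_ZIP}).items():
        print(arn)
        print(f"  used by:       {len(info['functions'])} function(s)")
        print(f"  cross-account: {info['cross_account']}")
        print(f"  extensions:    {info['extensions'] or 'none'}")
```

In the constructed data the vendor-owned tracing layer is attached to both functions and ships an executable under `extensions/`, so it is the one entry the report singles out; the in-house utilities layer shows up with no extensions and no cross-account edge. The two signals are independent on purpose: a layer that legitimately exists to run an extension will always trip the second check, so the useful question for a reviewer is whether the owning account and the presence of an extension both match what the layer is documented to do.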
Nandini Singhal is a Principal Software Engineer at Oracle Cloud, where she leads initiatives in distributed systems and cloud infrastructure. With over 7 years of industry experience, she has worked extensively on scalable storage systems, durability guarantees, and secure object lifecycle management at hyperscale.
Her academic background includes a master’s degree focused on concurrency, programming languages, and verification, with research published in top-tier A* conferences.