A DN42 scan by an AI agent ran up a $6,531 AWS bill
The May incident shows how weak spending controls can turn a delegated infrastructure task into real cloud liability.
By Ryan Merket · Published
Why it matters
The DN42 episode is a small, concrete version of a larger agent problem: once software can operate cloud infrastructure, spend controls become a safety feature, not a finance setting.
An AI agent trying to register with DN42 and scan the hobbyist network left its operator with a $6,531.30 Amazon Web Services bill after roughly 24 hours, according to a May 13 account by Lantian.
The incident began on May 9, when a user identified as "JertLinc3522" opened an issue in DN42's Git forge. The message said the user's "friendly AI agent" had been asked to register with DN42 and "get fully connected in order to create an index of the network," but claimed its system instructions prevented it from writing code in git repositories. The same note added that the user's AWS API key would expire the following week.
That detail is the story. DN42 is not a normal web target; it is a volunteer network for experimenting with internet backbone technologies, including BGP, recursive DNS and VPN-based peering. Joining it to run broad scans means touching real routing infrastructure, even if the network is a hobbyist one.
Lantian's account says the operator shut the agent down after 24 hours and was hit with the $6,531.30 AWS charge. The post does not establish the operator's identity beyond the JertLinc handle, and the bill figure comes from Lantian's reconstruction of the episode.
The useful lesson is not that an agent made a bad networking choice. It is that delegated agents with cloud credentials can turn planning errors, tool misuse and open-ended objectives into metered spend before a human notices.