Amazon GuardDuty recently added the detection of EC2 instance credentials being used by other AWS accounts. This improves upon the previous state where only credentials being used by IP addresses outside of the AWS network were reported on.
Read full article on InfoQ