Crypto Miners hacked my AWS account and I lost $500

Рет қаралды 908

2 жыл бұрын

Thanks to my stupidity and crypto miners, I just lost $500. Someone hacked my Amazon AWS account and created a lot of EC2 Instances and Lambdas that were mining crypto. Yeah, I admit, it was my fault I forgot to set up MFA for the AWS account, but if not for those abusive crypto miners, we would not have this situation at all! So my advice: always take care of your passwords and set up MFA whenever possible!

Пікірлер: 34

@adilsongoliveira 2 жыл бұрын

Sorry to hear about that Pawel. I work for Google Cloud and I am AWS certified. I have to say this is a common occurrence. In GCP we have an AI driven system that looks for that specifically.

@PSAfterHours 2 жыл бұрын

I solved that problem by closing my AWS account and moving everything to serverless solutions. Works like a charm now

@adilsongoliveira 2 жыл бұрын

@@PSAfterHours As it should :)

@virtualcreationcorp.6179 Жыл бұрын

Seems like they used cloud formation in your account to have the lambda function redeploy after it was deleted

@MyAeroMove 2 жыл бұрын

Generally AWS forgives "first fail". So hoping for good news! Try to share details for "can't delete lambda" with AWS (I know it's another kind of journey 😀). But they might give you back with "forgiveness" of the bill

@PSAfterHours 2 жыл бұрын

I got refunded. And ultimately closed my AWS account. Turned out I don't need it

@MyAeroMove 2 жыл бұрын

@@PSAfterHours Might still reconsider cloud usage. If you need just static instance for low-medium compute tasks - check Oracle arm forever free proposal. Works good for such kind of tasks

@user-mf8yb5ih8c Жыл бұрын

I recently got hacked and billed 522 dollars.. When did you get refund for the umauthorized usage? I contacted support center today so i shall wait for a while

@iamrahulv2 Жыл бұрын

I received a bill of $2400+ I don't know what to do, contacted aws support not sure what will happen

@TheWebstaff 2 жыл бұрын

Password rotation I don't bother with. Much better with a longer more complex password that you remember. And yes anything important or linked to money on the internet must use some sort of MFA.

@PSAfterHours 2 жыл бұрын

I invsted in U2F keys. Good luck hackers :)

@TheWebstaff 2 жыл бұрын

@@PSAfterHours probebly shouldn't poke the Bear. But yes better to be out of the bottom half of easy pickings. 😁

@anilbhuvan1116 Жыл бұрын

Same happened to me yesterday. I never thought, i would be victim of hacking.

@PSAfterHours Жыл бұрын

it sucks indeed

@manishrg1872 Жыл бұрын

@@PSAfterHours bro i am stuck with $2.6k the hacker hacked my account Have raised a ticket in aws and they said they will transfer to security team and asked to wait for 24 hours What will be the next step

@vikasgautam7717 Жыл бұрын

Hi anil i also faced same problem today…account hacked and 10 lakh bill came …please contact me to Discuss

@vikasgautam7717 Жыл бұрын

@@manishrg1872 bro i have 13k dollar bill …got hacked…please reach me

@mohammadsiraj9736 Жыл бұрын

@@vikasgautam7717 hi vikas was your problem solved I am facing the same problem Can you please contact me

@MarcFPV 2 жыл бұрын

what? is that the second time? :O

@PSAfterHours 2 жыл бұрын

Niah, it's just a reupload 🤣 I'm still cleaning up primary channel

@MarcFPV 2 жыл бұрын

@@PSAfterHours HAHAHAHA lol I just weanted to bring the Fool me once, fool me trwice joke xD

@olafschermann1592 2 жыл бұрын

I did have a dejavu also.

@geekmystique 2 жыл бұрын

Sad thing is they likely mined 50 dollars worth. Both Amazon and the hackers might win on this one.

@PSAfterHours 2 жыл бұрын

Update: I was refunded, so kudos for me

@geekmystique 2 жыл бұрын

@@PSAfterHours awesome! Hopefully they do the same for people with a smaller social media presence as well!

@de_pryme_dancers 2 жыл бұрын

👆👆 contact them... they just helped me recover mine

@PSAfterHours 2 жыл бұрын

Ultimately I get a refund. So that's fine

@sandcrabronco 2 жыл бұрын

I thought bit chains made this safe... LoL

@PSAfterHours 2 жыл бұрын

aha, right ;)