Crypto Miners hacked my AWS account and I lost $500
ฝัง
- เผยแพร่เมื่อ 16 ก.พ. 2022
- Thanks to my stupidity and crypto miners, I just lost $500. Someone hacked my Amazon AWS account and created a lot of EC2 Instances and Lambdas that were mining crypto. Yeah, I admit, it was my fault I forgot to set up MFA for the AWS account, but if not for those abusive crypto miners, we would not have this situation at all! So my advice: always take care of your passwords and set up MFA whenever possible!
- วิทยาศาสตร์และเทคโนโลยี
Sorry to hear about that Pawel. I work for Google Cloud and I am AWS certified. I have to say this is a common occurrence. In GCP we have an AI driven system that looks for that specifically.
I solved that problem by closing my AWS account and moving everything to serverless solutions. Works like a charm now
@@PSAfterHours As it should :)
Seems like they used cloud formation in your account to have the lambda function redeploy after it was deleted
I recently got hacked and billed 522 dollars.. When did you get refund for the umauthorized usage?
I contacted support center today so i shall wait for a while
I received a bill of $2400+ I don't know what to do, contacted aws support not sure what will happen
Generally AWS forgives "first fail". So hoping for good news!
Try to share details for "can't delete lambda" with AWS (I know it's another kind of journey 😀). But they might give you back with "forgiveness" of the bill
I got refunded. And ultimately closed my AWS account. Turned out I don't need it
@@PSAfterHours Might still reconsider cloud usage. If you need just static instance for low-medium compute tasks - check Oracle arm forever free proposal. Works good for such kind of tasks
Password rotation I don't bother with.
Much better with a longer more complex password that you remember.
And yes anything important or linked to money on the internet must use some sort of MFA.
I invsted in U2F keys. Good luck hackers :)
@@PSAfterHours probebly shouldn't poke the Bear.
But yes better to be out of the bottom half of easy pickings. 😁
Same happened to me yesterday. I never thought, i would be victim of hacking.
it sucks indeed
@@PSAfterHours bro i am stuck with $2.6k the hacker hacked my account
Have raised a ticket in aws and they said they will transfer to security team and asked to wait for 24 hours
What will be the next step
Hi anil i also faced same problem today…account hacked and 10 lakh bill came …please contact me to
Discuss
@@manishrg1872 bro i have 13k dollar bill …got hacked…please reach me
@@vikasgautam7717 hi vikas was your problem solved
I am facing the same problem
Can you please contact me
Sad thing is they likely mined 50 dollars worth. Both Amazon and the hackers might win on this one.
Update: I was refunded, so kudos for me
@@PSAfterHours awesome! Hopefully they do the same for people with a smaller social media presence as well!
what? is that the second time? :O
Niah, it's just a reupload 🤣 I'm still cleaning up primary channel
@@PSAfterHours HAHAHAHA lol I just weanted to bring the Fool me once, fool me trwice joke xD
I did have a dejavu also.
👆👆 contact them... they just helped me recover mine
Ultimately I get a refund. So that's fine
I thought bit chains made this safe... LoL
aha, right ;)