Bitcoin mining? – Had to close my AWS account (opens in new tab)

(nvenky.in)

35 pointsnvenky12y ago21 comments

21 comments

While I really feel badly for the person this happened to, I think we should stop expecting Amazon to foot the bill for these kinds of things. If I buy a new car and then leave the key sitting on the hood, I don't ask the car dealer to reimburse me when it gets stolen. Let's remember that Amazon is being incredibly generous by reimbursing users for these problems, but they should certainly not be expected to do so.

BrindsleyQuives12y ago

Exactly. The tl;dr; version seems to be:

"I stupidly uploaded my private Amazon keys to a public website and somebody used them and ran up a huge bill. It must be somebody else's fault, not mine"

Boo-fuckin-Hoo! —was there something put into the water supply about 10 years ago that removed the entire human race's ability to take responsibility for their own actions?

ucha12y ago

That is why AWS has billing alerts that will send you an email or text if you reach a predefined spending threshold. I had some trouble to find at first on their website so maybe it should be more visible.

The cool thing with Amazon is that they definitely pay attention to your opinion as a consumer. A few months ago, I sent an email to Jeff Bezos to complain about the Amazon Locker interface that I found cumbersome - it used to show you all lockers including the full ones and there was no way to see which ones you can actually deliver to - and his assistant answered and let me know that my message was forwarded to the appropriate team. They changed the interface a few weeks later. Maybe the author of this post should do the same.

molecule12y ago

> Bitcoin mining? – Had to close my AWS account

> I had to close my AWS account to stop further charges and sent an email to the support team and hoping that they would consider that my account was compromised. I am guessing it is bitcoin mining incident again.

1. Unconfirmed that it was Bitcoin mining

2. Chose to close AWS account

williamstein12y ago

I've spent a large amount of time fending of bitcoin miners from abusing my site https://cloud.sagemath.com. I like the mathematics and promise of bitcoin, but in practice it is an enormous waste of resources (time, electricity, etc.).

chmars12y ago

How does the abuse on your site happen?

IbJacked12y ago

Probably from people wanting to take advantage of free computing power. From their website: Write, compile, and run code in most programming languages ... is a free service ... currently 288 cores, 1.2TB RAM

coreymgilmore12y ago

Amazon support is pretty good so you might be in luck and not get billed, especially since you caught it quick. I am sure you aren't the only person who was compromises like this.

hamburglar12y ago

Had to close the account? I thought it was pretty trivial to nuke your old keys and generate new ones on AWS.

nvenkyOP12y ago

It was my personal account which I was using for learning AWS. I did not have any apps running on that account. I initially deleted the keys and started terminating the instances. It was too exhausting to go through every region and terminate everything. So I ended up closing the account.

_ouxp12y ago

I also saw this in the wild today on a friend's aws account. Same instance size. Spot at $2. Just one instance fortunately.

The security group permitted SSH from three /24 netblocks.

Buge12y ago

I'm surprised that it was large instances instead of GPU instances. GPU would be much more profitable if you are mining a scrypt coin (or sha256 coin but that would be stupid because of ASICs).

Maybe it was some other type of coin (I'm not sure if primecoin is more CPU-friendly).

bwood12y ago

Note that the author is only assuming that bitcoin/altcoin mining was the intended goal of the attack.

a2tech12y ago

Ouch. I'm sure Amazon will help him out..300/day is an expensive lesson to learn.

nvenkyOP12y ago

I hope so :) AWS was quick to send me the alert about unauthorised activity in my account

gesman12y ago

You drive in a city at night and see all these office floors fully lit, and you wonder how many employees are having their office computers on mining bitcoins?

drpgq12y ago

What would be the current payout in Bitcoins for $300 per day approximately?

gatehouse12y ago

Mining a popular coin that doesn't have ASICs yet ... maybe $5/day, very rough estimate.

jrockway12y ago

Even if it's a cent, who cares? This is just money laundering.

_ouxp12y ago

I don't think it's exactly money laundering.

It's like all theft. At low enough risk, the thief doesn't care what percentage of the value (of the $ charged) they recover. In this case, they are running very large CPU (not GPU) instances on someone else's dollar, not caring about the inefficiency of it because it can be automated and is difficult if not impossible to trace.

Buge12y ago

I was making a net profit for a while mining some scrypt based coins on AWS.

j / k navigate · click thread line to collapse

21 comments

cddotdotslash12y ago

BrindsleyQuives12y ago

Exactly. The tl;dr; version seems to be:

"I stupidly uploaded my private Amazon keys to a public website and somebody used them and ran up a huge bill. It must be somebody else's fault, not mine"

Boo-fuckin-Hoo! —was there something put into the water supply about 10 years ago that removed the entire human race's ability to take responsibility for their own actions?

ucha12y ago

molecule12y ago

> Bitcoin mining? – Had to close my AWS account

1. Unconfirmed that it was Bitcoin mining

2. Chose to close AWS account

williamstein12y ago

chmars12y ago

How does the abuse on your site happen?

IbJacked12y ago

coreymgilmore12y ago

Amazon support is pretty good so you might be in luck and not get billed, especially since you caught it quick. I am sure you aren't the only person who was compromises like this.

hamburglar12y ago

Had to close the account? I thought it was pretty trivial to nuke your old keys and generate new ones on AWS.

nvenkyOP12y ago

_ouxp12y ago

I also saw this in the wild today on a friend's aws account. Same instance size. Spot at $2. Just one instance fortunately.

The security group permitted SSH from three /24 netblocks.

Buge12y ago

I'm surprised that it was large instances instead of GPU instances. GPU would be much more profitable if you are mining a scrypt coin (or sha256 coin but that would be stupid because of ASICs).

Maybe it was some other type of coin (I'm not sure if primecoin is more CPU-friendly).

bwood12y ago

Note that the author is only assuming that bitcoin/altcoin mining was the intended goal of the attack.

a2tech12y ago

Ouch. I'm sure Amazon will help him out..300/day is an expensive lesson to learn.

nvenkyOP12y ago

I hope so :) AWS was quick to send me the alert about unauthorised activity in my account

gesman12y ago

You drive in a city at night and see all these office floors fully lit, and you wonder how many employees are having their office computers on mining bitcoins?

drpgq12y ago

What would be the current payout in Bitcoins for $300 per day approximately?

gatehouse12y ago

Mining a popular coin that doesn't have ASICs yet ... maybe $5/day, very rough estimate.

jrockway12y ago

Even if it's a cent, who cares? This is just money laundering.

_ouxp12y ago

I don't think it's exactly money laundering.

Buge12y ago

I was making a net profit for a while mining some scrypt based coins on AWS.

j / k navigate · click thread line to collapse