
Bitcoin mining? – Had to close my AWS account - nvenky
http://www.nvenky.in/2014/03/bitcoin-mining-closed-my-aws-account.html
======
cddotdotslash
While I really feel badly for the person this happened to, I think we should
stop expecting Amazon to foot the bill for these kinds of things. If I buy a
new car and then leave the key sitting on the hood, I don't ask the car dealer
to reimburse me when it gets stolen. Let's remember that Amazon is being
incredibly generous by reimbursing users for these problems, but they should
certainly not be expected to do so.

~~~
BrindsleyQuives
Exactly. The tl;dr; version seems to be:

_"I stupidly uploaded my private Amazon keys to a public website and
somebody used them and ran up a huge bill. It must be somebody else's fault,
not mine"_

Boo-fuckin-Hoo! —was there something put into the water supply about 10 years
ago that removed the entire human race's ability to take responsibility for
their own actions?

------
ucha
That is why AWS has billing alerts that will send you an email or text if you
reach a predefined spending threshold. I had some trouble finding them at first
on their website so maybe they should be more visible.

The cool thing with Amazon is that they definitely pay attention to your
opinion as a consumer. A few months ago, I sent an email to Jeff Bezos to
complain about the Amazon Locker interface that I found cumbersome - it used
to show you all lockers including the full ones and there was no way to see
which ones you can actually deliver to - and his assistant answered and let me
know that my message was forwarded to the appropriate team. They changed the
interface a few weeks later. Maybe the author of this post should do the same.

------
molecule
_> Bitcoin mining? – Had to close my AWS account_

 _> I had to close my AWS account to stop further charges and sent an email to
the support team and hoping that they would consider that my account was
compromised. I am guessing it is bitcoin mining incident again._

1. Unconfirmed that it was Bitcoin mining

2. Chose to close AWS account

------
williamstein
I've spent a large amount of time fending off bitcoin miners from abusing my
site [https://cloud.sagemath.com](https://cloud.sagemath.com). I like the
mathematics and promise of bitcoin, but in practice it is an enormous waste of
resources (time, electricity, etc.).

~~~
chmars
How does the abuse on your site happen?

~~~
IbJacked
Probably from people wanting to take advantage of free computing power. From
their website: Write, compile, and run code in most programming languages ...
is a free service ... currently 288 cores, 1.2TB RAM

------
coreymgilmore
Amazon support is pretty good so you might be in luck and not get billed,
especially since you caught it quick. I am sure you aren't the only person who
was compromised like this.

------
hamburglar
Had to close the account? I thought it was pretty trivial to nuke your old
keys and generate new ones on AWS.

~~~
nvenky
It was my personal account which I was using for learning AWS. I did not have
any apps running on that account. I initially deleted the keys and started
terminating the instances. It was too exhausting to go through every region
and terminate everything. So I ended up closing the account.
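
The region-by-region cleanup described in the comment above can be scripted. The following is an added example, not code from the thread or from AWS: it assumes boto3 is installed and is run with a newly issued key after the leaked one has been deleted, and the function names (`sweep`, `instances_in`, and so on) are hypothetical. It reports by default and only terminates when asked, cancelling open Spot requests first so a persistent request cannot relaunch what was just terminated.

```python
ACTIVE = ["pending", "running", "stopping", "stopped"]

def default_client(region):
    # Assumption: boto3 is installed and the environment holds a fresh, uncompromised key.
    import boto3
    return boto3.client("ec2", region_name=region)

def list_regions(client_for=default_client, home="us-east-1"):
    # describe_regions returns the regions enabled for this account.
    resp = client_for(home).describe_regions()
    return sorted(r["RegionName"] for r in resp["Regions"])

def instances_in(ec2):
    """Return [(instance_id, instance_type, lifecycle)] for non-terminated instances."""
    found = []
    pages = ec2.get_paginator("describe_instances").paginate(
        Filters=[{"Name": "instance-state-name", "Values": ACTIVE}])
    for page in pages:
        for reservation in page["Reservations"]:
            for inst in reservation["Instances"]:
                found.append((inst["InstanceId"], inst["InstanceType"],
                              inst.get("InstanceLifecycle", "on-demand")))
    return found

def open_spot_requests(ec2):
    # Only the first page of results is read; enough for a personal account.
    resp = ec2.describe_spot_instance_requests(
        Filters=[{"Name": "state", "Values": ["open", "active"]}])
    return [r["SpotInstanceRequestId"] for r in resp["SpotInstanceRequests"]]

def sweep(client_for=default_client, terminate=False):
    """Inventory every region; with terminate=True also cancel and terminate."""
    report = {}
    for region in list_regions(client_for):
        ec2 = client_for(region)
        spot_ids = open_spot_requests(ec2)
        instances = instances_in(ec2)
        if terminate and spot_ids:  # cancel first so nothing is relaunched
            ec2.cancel_spot_instance_requests(SpotInstanceRequestIds=spot_ids)
        if terminate and instances:
            ec2.terminate_instances(InstanceIds=[i[0] for i in instances])
        if spot_ids or instances:
            report[region] = {"instances": instances, "spot_requests": spot_ids}
    return report

if __name__ == "__main__":
    for region, found in sweep(terminate=False).items():
        print(region, found)
```

The sweep covers EC2 instances and Spot requests only; other billable resources such as volumes or snapshots are outside its scope.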

------
jambo
I also saw this in the wild today on a friend's aws account. Same instance
size. Spot at $2. Just one instance fortunately.

The security group permitted SSH from three /24 netblocks.

------
Buge
I'm surprised that it was large instances instead of GPU instances. GPU would
be much more profitable if you are mining a scrypt coin (or sha256 coin but
that would be stupid because of ASICs).

Maybe it was some other type of coin (I'm not sure if primecoin is more
CPU-friendly).

~~~
bwood
Note that the author is only assuming that bitcoin/altcoin mining was the
intended goal of the attack.

------
a2tech
Ouch. I'm sure Amazon will help him out... 300/day is an expensive lesson to
learn.

~~~
nvenky
I hope so :) AWS was quick to send me the alert about unauthorised activity in
my account

------
gesman
You drive in a city at night and see all these office floors fully lit, and
you wonder how many employees are having their office computers on mining
bitcoins?

------
drpgq
What would be the current payout in Bitcoins for $300 per day approximately?

~~~
jrockway
Even if it's a cent, who cares? This is just money laundering.

~~~
jambo
I don't think it's exactly money laundering.

It's like all theft. At low enough risk, the thief doesn't care what
percentage of the value (of the $ charged) they recover. In this case, they
are running very large CPU (not GPU) instances on someone else's dollar, not
caring about the inefficiency of it because it can be automated and is
difficult if not impossible to trace.

