"I stupidly uploaded my private Amazon keys to a public website and somebody used them and ran up a huge bill. It must be somebody else's fault, not mine"
Boo-fuckin-Hoo! —was there something put into the water supply about 10 years ago that removed the entire human race's ability to take responsibility for their own actions?
The cool thing with Amazon is that they definitely pay attention to your opinion as a consumer. A few months ago, I sent an email to Jeff Bezos to complain about the Amazon Locker interface that I found cumbersome - it used to show you all lockers including the full ones and there was no way to see which ones you can actually deliver to - and his assistant answered and let me know that my message was forwarded to the appropriate team. They changed the interface a few weeks later. Maybe the author of this post should do the same.
> I had to close my AWS account to stop further charges and sent an email to the support team and hoping that they would consider that my account was compromised. I am guessing it is bitcoin mining incident again.
1. Unconfirmed that it was Bitcoin mining
2. Chose to close AWS account
The security group permitted SSH from three /24 netblocks.
Maybe it was some other type of coin (I'm not sure if primecoin is more CPU-friendly).
It's like all theft. At low enough risk, the thief doesn't care what percentage of the value (of the $ charged) they recover. In this case, they are running very large CPU (not GPU) instances on someone else's dollar, not caring about the inefficiency of it because it can be automated and is difficult if not impossible to trace.