Losing thousands of dollars because the cloud account was occupied to 'mine' cryptocurrency
Chris Chin, a developer in Seattle, wakes up on New Year's Day 2022 with a $53,000 bill from Amazon, instead of $100-150 a month.
Last month, Jonny Platt, founder of SEO Scout, a company specializing in search engine optimization solutions, shared on Twitter that he had to pay a $45,000 bill to AWS after his account was hacked. public and used to mine Monero cryptocurrency. Platt estimated the amount of Monero the hacker collected was only $800, but his bill was many times higher.
Earlier this year, a student in California also mentioned on Reddit that he received a bill for $55,000 after his AWS account was stolen. "I am a student and have just lost almost all of my money to pay for tuition," this person said.
Not only AWS, a number of other cloud platforms are also hijacked by hackers and used to mine cryptocurrencies. Last month, a Missouri-based technology company was forced to pay a $760,000 bill because its Microsoft Azure account was hijacked. In 2019, a Google Cloud customer had to pay $14,000 in a similar situation.
The fact that hackers take over cloud data accounts to mine cryptocurrencies is not new, but has exploded in recent months when the value of many digital currencies such as Bitcoin, Ethereum skyrocketed. According to CNBC, cryptocurrency mining often requires a lot of energy as well as computer resources. Meanwhile, if the attacker gets hold of the account on the cloud platform, the attacker can mine the cryptocurrency at no cost. Users will have to pay these amounts to the service provider.
According to Google figures late last year, 86% of account breaches on the Google Cloud platform were used for cryptocurrency mining. 10% are used for the purpose of scanning resources on the Internet, looking for systems with security holes for further attacks.