Attackers Scrape GitHub For Cloud Service Credentials, Hijack Account To Mine Virtual Currency

Grazed from Forbes. Author: Runa A. Sandvik.

Rich Mogull, CEO at information security research and advisory firm Securosis, was working on a piece of code to accompany his presentation at the upcoming RSA Conference when he accidentally published the credentials for his AWS account-Amazon’s cloud computing service-online. A mistake that would later cost him $500.

In a blog post titled "My $500 Cloud Security Screwup", Mogull writes that he only learned about the issue when he received an email from Amazon’s AWS team one evening. The email said that both his access and secret key were publicly available on GitHub, a web-based hosting service for software development projects. In addition, the AWS team had reason to believe someone used the credentials to set up a number of unauthorized servers in the Amazon cloud…

As soon as he had read the email, Mogull logged on to his AWS account and found that the perpetrators had set up no fewer than ten extra large cloud instances; five on the U.S. west coast, another five in Ireland. All instances had been running for 72 hours, which, Mogull writes, "means the bad guys found the credentials within about 36 hours of creating the project and loading the files" on GitHub…

Read more from the source @ http://www.forbes.com/sites/runasandvik/2014/01/14/attackers-scrape-github-for-cloud-service-credentials-hijack-account-to-mine-virtual-currency/