问HN:我们的AWS账户在他们的故障后被入侵了
这两个事件之间可能存在关联吗?<p>以下是发生的情况:<p>在AWS发出警报并向我们发送健康事件之前的3小时内,产生了大约600个实例。我们验证了多个域,并且可以看到SES配额增加请求已被提交。<p>我们仍在对我们这边的漏洞进行调查。我们初步的嫌疑名单上有两个嫌疑:API密钥或控制台访问权限,其中未启用多因素认证(MFA)。
查看原文
Could there be any link between the two events?<p>Here is what happened:<p>Some 600 instances were spawned within 3 hours before AWS flagged it off and sent us a health event. There were numerous domains verified and we could see SES quota increase request was made.<p>We are still investigating the vulnerability at our end. our initial suspect list has 2 suspects. api key or console access where MFA wasn’t enabled.