Skip to main content

An Amazon crypto scam left its victim with a $45,000 bill

What’s on your wish list this holiday season? We’d hazard a guess that it does not include a $45,000 bill caused by your Amazon Web Services (AWS) account getting hacked. Yet that’s exactly what happened to one unfortunate soul this December.

Jonny Platt, founder of SEO Scout, was the unlucky recipient of this most unwelcome Christmas gift. As detailed on Twitter, Platt woke up one morning to find their AWS account had been hijacked and had been mining the Monero cryptocurrency for the past several weeks. The resulting charge was that eye-watering $45,000 fee.

Cryptocurrency mining rig from computer graphic cards
Getty Images

The hack was not particularly advanced, and worked by installing a mining script that ran on the AWS Lambda platform. Every three minutes, it would install itself in a different Lambda instance and continue mining for 15 minutes at a time (the maximum allowed on Lambda). That allowed it to operate concurrently on several Lambda instances, maximizing its crypto harvesting.

Recommended Videos

At least, that’s what you would think. But it turns out that all that effort — and that enormous bill Platt was faced with — only managed to mint six XMR (the code for Monero coins). The total dollar value? A paltry $800.

Please enable Javascript to view this content

Getting an $800 return on your $45,000 investment doesn’t exactly seem like a sound business plan. But when you’re getting someone else to foot the bill without them even realizing, problems like that don’t really matter.

🎄 Excited to announce I just received my Christmas present from @awscloud!

😱 Horrified to see it's $45,000 in charges due to some scammer hacking my account + mining Crypto for the last few weeks

⏰ Had no sleep last night. It's now 23 hrs since my support ticket & no reply.

— Jonny Platt (@jonnyplatt) December 14, 2021

As Platt pointed out, what’s worse is that the scam could have been easily spotted by Amazon. The mining script was an unencrypted plain text file, so all AWS needed to do was scan for certain well-known lines in its code that are used by other similar hacks — Platt gave the example of “xmrig” — to get suspicious and suspend the script. Apparently, that never happened.

In the end, it took Amazon 27 hours to reply to Platt’s complaint. Considering the incredible increase in Platt’s monthly AWS spend (150,000%, he estimates), that’s a long time to wait for help. And despite the lengthy wait time, Platt says there’s still no solution — AWS is monitoring his account for 24 hours, after which, the case will be sent to the billing department for review, which he believes can take several days. A quick fix, it ain’t.

Amazon finally called after 27 hrs, no doubt thanks to the attention this got.

The agent was kind, but AWS' processes means I must wait another 24hrs of 'monitoring' before the case is sent to billing 'for review', which can take days

Knowing I'm not alone really helps, thanks

— Jonny Platt (@jonnyplatt) December 14, 2021

If you’re an AWS customer, this whole saga should serve as a reminder to check your settings and ensure your account is secure. And it doesn’t hurt to keep an eye on your bank balance for any suspicious outgoings. As cryptocurrencies continue to grow — and GPU makers release more graphics cards aimed at miners — this kind of scam could become all too common.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
We now know why AMD chose to delay RDNA 4 — well, kind of
AMD announcing FSR 4 during CES 2025.

AMD hasn't been very forthcoming when it comes to information about its RX 9000 series GPUs, but we just got an update as to why the cards won't be available until sometime in March. The company cites software optimization and FSR 4 as the two reasons why it most likely decided to delay the launch of RDNA 4. But is that all there is to it, or is AMD waiting to see some of Nvidia's best graphics cards before pulling the trigger on the RX 9070 XT?

The update comes from David McAfee, AMD's vice president and general manager of the Ryzen CPU and Radeon graphics division. A couple of days ago, McAfee took to X (Twitter) to announce that AMD was excited to launch the RX 9000 series in March. This caused a bit of an uproar, with many enthusiasts wondering why AMD was choosing to wait so long.

Read more
What power supply do you need for the RTX 5090 and RTX 5080?
The RTX 5090 sitting on top of the RTX 4080.

Nvidia’s new RTX 50-series GPUs represent a leap forward in gaming and content creation, but they also push the boundaries of what’s expected from your power supply. The RTX 5090 and RTX 5080, will be the first two models available for purchase starting January 30, and are expected to deliver improved performance over its predecessors -- you can already see that in action in our RTX 5090 review.

However, with great power comes greater demands on your power supply. If you're planning to upgrade to either of these next-generation graphics cards, it’s crucial to know what kind of PSU (Power Supply Unit) you need. Ensuring your PSU meets or exceeds the recommended specifications is critical for avoiding crashes, ensuring system stability, and maintaining long-term reliability.

Read more
Gaming mouse goes up in flames, nearly causes apartment fire
A burned Gigabyte moue as posted by a user on Reddit

Think you have one of the best gaming mice? Think again. A Reddit user recently reported a concerning incident involving their Gigabyte M6880X gaming mouse, which allegedly caught fire spontaneously, filling their apartment with black smoke and causing significant property damage.

The user who goes by the unser name lommelinn, shared images showing the melted mouse, burn marks on the desk, and a destroyed mouse pad. They recounted discovering the device "burning with large flames," which they quickly extinguished. Despite their swift action, the room was left covered in black particles, affecting other equipment, including a modular synthesizer.

Read more