Skip to main content

An Amazon crypto scam left its victim with a $45,000 bill

What’s on your wish list this holiday season? We’d hazard a guess that it does not include a $45,000 bill caused by your Amazon Web Services (AWS) account getting hacked. Yet that’s exactly what happened to one unfortunate soul this December.

Jonny Platt, founder of SEO Scout, was the unlucky recipient of this most unwelcome Christmas gift. As detailed on Twitter, Platt woke up one morning to find their AWS account had been hijacked and had been mining the Monero cryptocurrency for the past several weeks. The resulting charge was that eye-watering $45,000 fee.

Cryptocurrency mining rig from computer graphic cards
Getty Images

The hack was not particularly advanced, and worked by installing a mining script that ran on the AWS Lambda platform. Every three minutes, it would install itself in a different Lambda instance and continue mining for 15 minutes at a time (the maximum allowed on Lambda). That allowed it to operate concurrently on several Lambda instances, maximizing its crypto harvesting.

Recommended Videos

At least, that’s what you would think. But it turns out that all that effort — and that enormous bill Platt was faced with — only managed to mint six XMR (the code for Monero coins). The total dollar value? A paltry $800.

Getting an $800 return on your $45,000 investment doesn’t exactly seem like a sound business plan. But when you’re getting someone else to foot the bill without them even realizing, problems like that don’t really matter.

🎄 Excited to announce I just received my Christmas present from @awscloud!

😱 Horrified to see it's $45,000 in charges due to some scammer hacking my account + mining Crypto for the last few weeks

⏰ Had no sleep last night. It's now 23 hrs since my support ticket & no reply.

— Jonny Platt (@jonnyplatt) December 14, 2021

As Platt pointed out, what’s worse is that the scam could have been easily spotted by Amazon. The mining script was an unencrypted plain text file, so all AWS needed to do was scan for certain well-known lines in its code that are used by other similar hacks — Platt gave the example of “xmrig” — to get suspicious and suspend the script. Apparently, that never happened.

In the end, it took Amazon 27 hours to reply to Platt’s complaint. Considering the incredible increase in Platt’s monthly AWS spend (150,000%, he estimates), that’s a long time to wait for help. And despite the lengthy wait time, Platt says there’s still no solution — AWS is monitoring his account for 24 hours, after which, the case will be sent to the billing department for review, which he believes can take several days. A quick fix, it ain’t.

Amazon finally called after 27 hrs, no doubt thanks to the attention this got.

The agent was kind, but AWS' processes means I must wait another 24hrs of 'monitoring' before the case is sent to billing 'for review', which can take days

Knowing I'm not alone really helps, thanks

— Jonny Platt (@jonnyplatt) December 14, 2021

If you’re an AWS customer, this whole saga should serve as a reminder to check your settings and ensure your account is secure. And it doesn’t hurt to keep an eye on your bank balance for any suspicious outgoings. As cryptocurrencies continue to grow — and GPU makers release more graphics cards aimed at miners — this kind of scam could become all too common.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Don’t miss this chance to buy a MacBook Air at $200 off
The MacBook Air on a table in front of a window.

For those who have always wanted to get one of Apple's MacBooks but can't stomach the price tag, here's your chance to buy one for a relatively affordable price. Best Buy has slashed the price of the 13-inch Apple MacBook Air M3 to only $699, for savings of $200 on its sticker price of $899. You need to act fast though, as there's always high demand for MacBook deals. The stocks that are up for sale may already be gone as soon as tomorrow.

Why you should buy the 13-inch Apple MacBook Air M3

Read more
This HP Chromebook is under half-price today — just $190
The HP Chromebook 14 laptop on a white background.

You should turn your attention towards Chromebook deals if you want to buy a new laptop on a tight budget, and we've found an offer that you won't want to miss. From its original price of $410, the HP Chromebook 14 is down to just $190 for savings of $220 from Walmart. You won't always have the chance to get this device for less than half-price though -- in fact, the opportunity may be gone as soon as tomorrow. If you want to take advantage of the discount, you need to buy the Chromebook right now.

Why you should buy the HP Chromebook 14

Read more
Avast’s most complete antivirus plan is 70% off right now
Couple making selfie inside car with open window.

Avast has been popping off with incredible deals this month. The antivirus company recently offered 70% off its Premium tier of virus protection. For the next 30 days, Avast is extending that offer to its Ultimate tier of protection. That means you can protect one device with Avast Ultimate for $33 for a year, down from its usual $110. If you want to cover 10 devices, you'll only pay $42 instead of $140.

Let's dive into what Avast Ultimate offers and why you might want it over the free tier or the Premium plan. This deal is live now, and will stick around for the next four weeks.

Read more