Skip to content

Instantly share code, notes, and snippets.

@trak3r
Created November 12, 2014 13:55
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save trak3r/a13391de8699add5fbc8 to your computer and use it in GitHub Desktop.
The old prototype machine had our AWS API access key and secret key. Once the
hacker gained access to the keys, he created an IAM user, and generated a
key-pair. He was then able to run an instance inside our AWS account using
these credentials, and mount one of our backup disks. This backup was of one of
our component services, used for production environment, and contained a config
file with our database password. He also whitelisted his IP on our database
security group, which is the AWS firewall.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment