AWS S3 - Where did that bucket come from?
-
I have a small presence on an AWS S3 Bucket and right now I'm working through the AWS SDK to control it with C#.Net. It's pretty slick, but I noticed a bucket I didn't recognize. Its name is aws-website-[My Site Name]-l9xvi It's configured as a public website. It only has a few simple pages that say "I [heart] Berlin". What the??? It should be hard to hack into an S3. It was made 20 days after I made my bucket in 2017. I mean it seems harmless and I can get rid of it, but I am as curious as baffled. Does anyone have a take on this? I'm sure I'll delete it at some point, but I figure that the "I [heart] Berlin" is a signature. There is a website "iHeartBerlin...", but that doesn't seem to be it. Any ideas???
-
I have a small presence on an AWS S3 Bucket and right now I'm working through the AWS SDK to control it with C#.Net. It's pretty slick, but I noticed a bucket I didn't recognize. Its name is aws-website-[My Site Name]-l9xvi It's configured as a public website. It only has a few simple pages that say "I [heart] Berlin". What the??? It should be hard to hack into an S3. It was made 20 days after I made my bucket in 2017. I mean it seems harmless and I can get rid of it, but I am as curious as baffled. Does anyone have a take on this? I'm sure I'll delete it at some point, but I figure that the "I [heart] Berlin" is a signature. There is a website "iHeartBerlin...", but that doesn't seem to be it. Any ideas???
pwned by the Stasi? That is so 1950s! Get with the times! It's google and facebook that own you now!
I wanna be a eunuchs developer! Pass me a bread knife!
-
pwned by the Stasi? That is so 1950s! Get with the times! It's google and facebook that own you now!
I wanna be a eunuchs developer! Pass me a bread knife!
Use broken glass... Yeah, Stasi was my first thought as well. But it seems more subtle than that so I figured probably Mossad. There is a cryptic element to it though which reminded me of KGB protocols. Looking at it more closely though, there is some brute force technique which looks like NSA methods... I realize that it's worse than any off those. I think I figured out what organization is behind it. They are diabolical, all-pervasive worldwide in their quest for money and power and I doubt there is any security I can put in place to stop them. I'm looking at the face of pure unadulterated evil (or maybe greed). It's so subtle. It looks like a benign website template, but that's the danger of it. It is so subtle in its simplicity that I have no idea where its evil is really hidden. It was put there by AWS themselves to look like a convenient template to use for further web development, but I know, it's a trick. I would say that I won't get sucked in, but I'm afraid I am probably too late. I'm doomed. :wtf: :~
-
Use broken glass... Yeah, Stasi was my first thought as well. But it seems more subtle than that so I figured probably Mossad. There is a cryptic element to it though which reminded me of KGB protocols. Looking at it more closely though, there is some brute force technique which looks like NSA methods... I realize that it's worse than any off those. I think I figured out what organization is behind it. They are diabolical, all-pervasive worldwide in their quest for money and power and I doubt there is any security I can put in place to stop them. I'm looking at the face of pure unadulterated evil (or maybe greed). It's so subtle. It looks like a benign website template, but that's the danger of it. It is so subtle in its simplicity that I have no idea where its evil is really hidden. It was put there by AWS themselves to look like a convenient template to use for further web development, but I know, it's a trick. I would say that I won't get sucked in, but I'm afraid I am probably too late. I'm doomed. :wtf: :~
The other month I met a bloke who seemed quite interesting. At one point he introduced me to the phrase L'esprit de l'escalier - which as Wikipedia puts it, is the French term used in English for when one has thought of the perfect conversational response too late. It's actually an interesting read - that page. Chris, his name was. Only kid, dad took off eons ago leaving mum and kid. Well, *he* tells me that his dear old mother used to just tip the soap and the fabric conditioner into the top of the machine before the cycle. You know, 'cos the soap and softener dispenser compartments in the machine are where *the government* wants you to put them. She didn't know much about some things, but gawd-dammit this woman was not going to be made a fool of in her own home. Thanks for reminding me of those shenanigans with your own.
-
I have a small presence on an AWS S3 Bucket and right now I'm working through the AWS SDK to control it with C#.Net. It's pretty slick, but I noticed a bucket I didn't recognize. Its name is aws-website-[My Site Name]-l9xvi It's configured as a public website. It only has a few simple pages that say "I [heart] Berlin". What the??? It should be hard to hack into an S3. It was made 20 days after I made my bucket in 2017. I mean it seems harmless and I can get rid of it, but I am as curious as baffled. Does anyone have a take on this? I'm sure I'll delete it at some point, but I figure that the "I [heart] Berlin" is a signature. There is a website "iHeartBerlin...", but that doesn't seem to be it. Any ideas???
Michael Breeden wrote:
It should be hard to hack into an S3.
That's what I thought. Until my S3 instance was hacked within days of setting it up. Didn't load anything weird on it, all ports were secured, S3 instance was password protected, etc etc etc. Needless to say, I was unimpressed. One of the things that got installed, who the hell knows how, was a bitcoin miner. Seriously???
Latest Article - A 4-Stack rPI Cluster with WiFi-Ethernet Bridging Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
-
Michael Breeden wrote:
It should be hard to hack into an S3.
That's what I thought. Until my S3 instance was hacked within days of setting it up. Didn't load anything weird on it, all ports were secured, S3 instance was password protected, etc etc etc. Needless to say, I was unimpressed. One of the things that got installed, who the hell knows how, was a bitcoin miner. Seriously???
Latest Article - A 4-Stack rPI Cluster with WiFi-Ethernet Bridging Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny Artificial intelligence is the only remedy for natural stupidity. - CDP1802
What made you think it was hacked then? Did they modify something? I know that Word Press had a problem with that at one point.
-
The other month I met a bloke who seemed quite interesting. At one point he introduced me to the phrase L'esprit de l'escalier - which as Wikipedia puts it, is the French term used in English for when one has thought of the perfect conversational response too late. It's actually an interesting read - that page. Chris, his name was. Only kid, dad took off eons ago leaving mum and kid. Well, *he* tells me that his dear old mother used to just tip the soap and the fabric conditioner into the top of the machine before the cycle. You know, 'cos the soap and softener dispenser compartments in the machine are where *the government* wants you to put them. She didn't know much about some things, but gawd-dammit this woman was not going to be made a fool of in her own home. Thanks for reminding me of those shenanigans with your own.
-
Wise lady! Life is best when it is amusing.
