Cloud 66 Security Compromise

64 点作者 akh大约 12 年前

Cloud 66 Team hello@cloud66.com via mail123.us2.mcsv.netURGENT:We have just identified a malicious activity on Cloud 66.To protect your servers change your API keys and enable termination protection on AWS accounts you have.We strongly recommend changing all cloud keys.We have shut down the site and will keep you posted.

6 条评论

nwh大约 12 年前

DigitalOcean locked all Cloud 66 API accounts on their side a few days ago. There's more information about it on the second post here — <a href="http://digitaloceanstatus.com/" rel="nofollow">http://digitaloceanstatus.com/</a>Essentially it looks like somebody on Cloud 66s side found a way to remotely destroy hundreds of instances.

citricsquid大约 12 年前

Looks like there was a security incident 2 days ago and now they believe that the problem is a data leak and not poor application security: <a href="http://blog.cloud66.com/" rel="nofollow">http://blog.cloud66.com/</a>

评论 #5685618 未加载

kmfrk大约 12 年前

Thank gods I used a separate AWS key for this. I wasn't even sure I had.Let that be a lesson.

cobrabyte大约 12 年前

Ugh. They shut down their chat room, as well.So, absolutely zero information coming from Cloud66. Time to find a new provider.

nodata大约 12 年前

> We have shut down the site and will keep you posted.Yeah... that's an odd reaction.

评论 #5686078 未加载

beachstartup大约 12 年前

does anyone know what cloud66 does/did? i can't find anything descriptive on the internet that isn't shut down.

评论 #5686315 未加载

评论 #5687706 未加载