My RDS account has been hacked

Question

I am getting a message in a read me format that my RDS has been blocked by an anonymous person and I have to pay him 0.01 Bitcoins. Below is the message coming in the table. Please help me with this
I have backed up all your databases. To recover them you must pay 0.01 BTC (Bitcoin) to this address: 12XPTNws8FHCCoqakhkx8TqfooyFeYd3GC . Backup List: refer2hire. After your payment email me at sqlrecover471@onionmail.org with your server IP (18.189.144.239) and transaction ID and you will get a download link to your backup. Emails without transaction ID and server IP will be ignored.

Answer

If you are unable to login use this form to recover access to you aws account: https://support.aws.amazon.com/#/contacts/aws-account-support

If is possible you can restore a snapshot of your RDS instance: 
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_RestoreFromSnapshot.html

Please follow the security practices to avoid any unauthorized access to your AWS account:
https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/controls-acct.html

Remember always to secure your ports, security groups and set MFA.

My RDS account has been hacked

相关内容