Google Cloud Platform: Mining cryptocurrencies - google-cloud-platform

I received an email indicating that my Google Cloud Project have been suspended because I was supposedly mining cryptocurrencies.
My project is a tool like a Calculator and that issue surely isn't possible.
What could be happen?
In order to create a function I hired a programmer on UpWork and give him access to the GCP.
Well, it seems this developer has abused our trust and did something wrong.
What can I do?
Now the project is suspended and any section I try to go in the form "Appeal" appears.
I appealed but I have to wait Google to reply.
How can I check if my project have been used for these bad usages?
I want to cut services the developer could be used or so.

Unfortunately, you must wait for Google’s reply.
AS a recommendation you could review this information to determine if it is intended, Cryptocurrency mining is often an indication of the use of fraudulent accounts and payment instruments, and requires verification in order to mine cryptocurrency in the Cloud Security Help Center.
If you believe your project has been compromised, I recommend that you secure all your instances, which may require uninstalling and then reinstalling your project, you could follow the steps.
To better protect your organization from misconfiguration and access the best of Google's threat detection, you may consider enabling Security Command Center (SCC) for your organization. To learn more about SCC visit.

Related

Using OWASP ZAP (and tools of the same purpose) on AWS EC2

I am currently planning to do some web application vulnerability testing on an EC2 server with OWASP ZAP.
From my very quick google search, I found that AWS has stated that penetration testing services are allowed without approval (https://aws.amazon.com/security/penetration-testing/).
However, to double down, I am wondering if anyone in the community has done this without issue.
Thanks!!!
Yes, I frequently ran ZAP scans in AWS while I was at Mozilla. They were of course all against apps that I was permitted to test.
You should be fine unless someone complains - if they do that then Amazon are likely to send you a warning and then disable your account if you dont reply with a good explanation, or if it keeps happenning of course.

GCP has suspended my machine and says I'm mining cryptocurrency. How do I fix the issue?

GCP suspended my instance on the pretext of mining cryptocurrency on the 3rd of August 2020. In fact, my instance has not been reinstated yet, and I am writing to seek help on the matter.
Details of my instance are:
Machine Type: n1-standard-8 (8 vCPUs, 30 GB memory)
Zone: us-west1-b
Last used on: 3rd August 2020
The two questions I have:1. How do I get my instance reinstated along with its project files? I have submitted an appeal for the same, however, have not received a response.2. What was the issue with my instance? 3. What measures should I take to avoid this situation in the future?
I came across this article on Stack Overflow Google banned the project believing that it has cryptocurrency mining detailing a similar issue but it has no responses.
For further context, this was the email I received from GCP:
We’ve detected that your Google Cloud Project (project id) IP (address not disclosed) is violating the Supplemental Terms and Conditions For Google Cloud Startup Program by engaging cryptocurrency mining, resulting in the suspension of all project resources displaying this behavior.
Abuse Details:
Origin: (project id) / (IP address not disclosed)
Time frame: 2020-08-03 01:35 to 2020-08-03 01:42 (Pacific Time)
Requesting you to help me out with this.
Unfortunately, StackOverflow community can do nothing with such cases, you should wait for response from Google Cloud Support and follow the instructions.
Have a look at the documentation Google Cloud project suspension:
Google Cloud projects may be suspended due to violations of the GCP
ToS, including the Google Cloud Acceptable Use Policy (GCP AUP). When
activities that violate the Google Cloud AUP or ToS are detected in a
project, the project owner has an obligation to fix the violation
immediately. If the violation is not fixed, Google may take action to
suspend the project.
and
To recover a suspended project please fix the issue and follow the
link in the notification email or contact Google support. See the
Policy Violations FAQ for more information on appeal best practices in
case of a Project resource suspension.
More information you can find at Policy Violations FAQ:
What are the best practices for ensuring that my projects are not taken down for abusive activity? Here are some of the best practices
for appealing a warning or avoiding a suspension:
Monitor the relevant email address (the project owner email address) regularly so that you know as soon as your project is warned.
Make sure that emails from google-cloud-compliance#google.com do not go to the spam folder.
Fix the issue as soon as possible. Your email will tell you how you can fix the issue. You have a limited time window to fix the issue as
described in the email.
Ensure that your project does not violate the Google Cloud Platform Terms of Service or Acceptable Use Policy.
Respond to the notification as described above in My project has received a warning. What should I do now?. (Please do not respond
to the email.) Let us know the steps you've taken to fix the issue.
Explain clearly and concisely. Our team needs to know the steps you
took to fix the issue, but we don't need to know the exact code you
used.
If you need help fixing the issue, you can contact support from the Google Cloud Platform Support page.

How to inform google on upcoming penetration test

We are running our Software Application partially on google cloud platform and will be running a security review, which includes a penetration test soon.
We are tasked with informing our Hosting providers on this.
How should I do this for Google?
Regards
In general, you are not obliged to inform Google about your pen tests:
If you plan to evaluate the security of your Cloud Platform
infrastructure with penetration testing, you are not required to
contact us. You will have to abide by the Cloud Platform Acceptable
Use Policy and Terms of Service, and ensure that your tests only
affect your projects (and not other customers’ applications). If a
vulnerability is found, please report it via the Vulnerability Reward
Program.
... therefore there's no actual formal way of doing this. Probably a good idea would be to contact Google Cloud Platform Support and re-check that, also to have a record of this action, as you say you were tasked to inform the cloud provider.

iCloud data transfer to other cloud

I have no other choice but to adopt iCloud right now. In the near future i would like to build my own cloud service. Is there any problem if the app transfers all the data from iCloud to my own cloud?
Only the data related to my app of course.
After user's permission.
Is Apple positive about this?
If you mean, would Apple approve an app for the store that was going to transfer the user's iCloud data to some other online service, as usual all we can do is try and gauge the odds.
None of Apple's guidelines even hint that apps may not use non-iCloud services.
Neither do they hint that there's any issue with moving data from one service to another, even if one of them is iCloud.
Apple does not look kindly on apps that transfer user data to online storage without the user's knowledge. Assuming you make it clear to users what you're doing, this is probably not an issue, but users should have the chance to opt out of your service.
Based on information available right now, what you suggest is probably OK so long as your app makes clear what's happening. It's unwise to try and predict Apple's app-approval actions too closely. They might change their policies tomorrow, or they might decide to reject your app for reasons that had not previously been stated. At the moment though, switching services like that seems likely to be accepted.

Using Amazon MechanicalTurk if location is not US?

Amazon Mechanical Turk is a mass-micro outsourcing API, where you can get lots's of small simple tasks (e.g."Is there a shop in this image") done relatively cheaply (e.g. 0.10 U$ per image).
Amazon seems to assume that this service is mostly of interest to US companies. This results in difficulties if you want to use the service (as an "Requester"): for example there is no easy way of funding your Account without an US Bank account.
Can somebody share experiences of using the Service from outside the US?
Since Amazon doesn't let outside US access yet, you'll need to either:
Wait for Amazon to open it up to outside US, might be a long wait.
Get a good friend in the US to open a PO Box for you then use an online US bank to create an account. If you don't start a corporation or other legal business, they will need to provide their US drivers license to Amazon too.
Use a 3rd party provider like HIT-Builder who will let you post on Mechanical Turk using their US Amazon account.
I think they recently changed their rules - I am based in Australia, and as recently as 6 months ago I was unable to use Mechanical Turk. That recently changed and now I am able to post jobs on the service.
You may want to take a look at TurkPrime labs which offers this as a service to non-US based researchers.
The problem you have is that to actually be able to add funds to your account, you need to have a US billing address. If you can get round that issue, then it all works fine.