Protecting your AWS keys with Credulous

Every week, AWS credentials leak into the wild and are used to mine bitcoins or worse.

In April 2014, DrawQuest closed down after a security breach in which their Amazon Web Services credentials were used to create hundreds of EC2 instances, probably for mining bitcoins. DrawQuest decided they could no longer trust that their core data wasn’t compromised, and closed their doors.

Wouldn’t it be great if there was a tool that could help prevent this sort of thing happening? Well, now there is — enter Credulous.

Continue reading