Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon account credentials to mine for coins at the expense of AWS customers, abusing their Elastic Container Service (ECS) and their Elastic Compute Cloud (EC2) resources, in an ongoing operation that started on November 2. The illicit cryptocurrency-mining campaign abuses compromised valid AWS Identity and Access Management (IAM) credentials with "admin-like privileges" - it doesn't exploit a vulnerability -