Dear Amazon EC2 Customer, We've received a report that your instance(s): Instance Id: i-a9202cc7 IP Address: 75.101.146.179 has been hosting a website that contains malware, meaning software designed to infiltrate or damage a computer system without the owner's informed consent. This includes, but is not limited to, computer viruses, worms, Trojan horses, rootkits, and spyware. Check the information provided below by the abuse reporter. This is specifically forbidden in our User Agreement: http://aws.amazon.com/agreement/ Please confirm that all necessary steps to cease this activity have been taken on your side and reply this email to send your reply of action to the original abuse reporter. This will activate a flag in our ticketing system, letting us know that you have acknowledged receipt of this email. It's possible that your environment has been compromised by an external attacker. It remains your responsibility to ensure that your instances and all applications are secured. The link http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1233 provides some suggestions for securing your instances. Case number: 12448227097-1 Additional abuse report information provided by original abuse reporter: * Destination IPs: * Destination Ports: * Destination URLs: * Abuse Time: Sat May 12 22:57:09 UTC 2012 * Log Extract: The below IP address and URL are currently listed in the Google Safe Browsing list of potential malware/phishing websites. Your IP address: 75.101.146.179Suspicious URL: http://www.flex.com/~hinano/fiesta.htm
Additional information: http://code.google.com/apis/safebrowsing/safebrowsing_faq.html#whyAdvisory