In an effort to help prevent this from happening to others I have a question:
- You mentioned "those instances were 100% using an encrypted wallet." I thought you couldn't mine with an encrypted wallet?
- On EC2 where you running windows or linux instances? I know with linux instances you can only log in with your keypair (pem) and all ports are blocked unless you open them with a custom security group config. Not sure on windows (I believe you can set a custom administrator password and clone with the same windows login ID and RPD easily to it)
As you mentioned this likely happened earlier though... This is why I do not use shared wallets. Or store my central wallets on windows =/
Yes mining with an encrypted wallet is fine. You can't use sendtoaddress while encrypted though.
I was using Linux instances with all incoming ports closed except 22 for SSH.
I've learned my lesson with shared wallets. Even though it is significantly easier to manage across lots of machines, I'll never do it again!
Thats a lot of XPM, hope my donation helps cover a small piece of the costs. Please keep us updated on your findings. You could make a good guide about securely using your wallet on different machines, which in itself could be worth some nice donations.
Good luck and I hope the XPM will come back to you.
Thanks, that's very kind of you