All Products
Document Center

:A running ECS instance is attacked by another ECS instance

Last Updated:Dec 30, 2020

Problem description

A functioning ECS instance is attacked by another ECS instance as a zombie. As a result, normal businesses cannot run properly.


The ECS instance is under an attack.


Alibaba Cloud reminds you that:

  • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
  • You can modify the configurations and data of instances including but not limited to Elastic Compute Service (ECS) and Relational Database Service (RDS) instances. Before the modification, we recommend that you create snapshots or enable RDS log backup.
  • If you have authorized or submitted sensitive information such as the logon account and password in the Alibaba Cloud Management Console, we recommend that you modify such information in a timely manner.

Submit attack information in the Alibaba Cloud Reporting Center. Then, Alibaba Cloud security personnel can solve the problem.

Note: all online hosts have a strict control mechanism. Malicious outbound attacks will be sent to accounts that have a rectification notice. If the host is not promptly handled, it will be forcibly shut down. If serious attacks are detected, the host is discouraged.

Application scope

  • Elastic Compute Service