asiatimes.com/2020/02/articl…
If you want more technical details, then read further on this thread.
nrcdrafts.com
thefinalnrc.in
thefinalnrc.com
All of these entries' DNS was changed to 127.0.0.1
(See Screenshots below on timeline)
All of them were changed to 127.0.0.1 1 month ago. So if the @HMOIndia knew where to look, this would not have been a surprise.
Check the output. This means AWS account is still *active* and has *not expired* unlike others have reported.
Check it yourself below:
https://13.126.0.220/FinalCDraft1/Draft.htm
Story gets even more interesting here
52.66.163.246
See what shodan.io reports
And yes they *were* running splunk on 8089.
And yes it is *owned* by wipro.
Wipro made all the DNS entries to point to 127.0.0.1 and brought the servers down because of payment issues.
But ask yourself, how badly the entire data security regime is managed. It is practically non-existent and runs on gmail.
h/t to @kaarana_ community for figuring out a lot of this.
/end