Action Required: Suspicious Activity Observed on Google Cloud Project pangeo (id: pangeo-181919)

[rabernat]

Notification from Google Cloud Support. Does anyone have any idea about this?

Our systems identified that your Google Cloud Platform / API Project ID pangeo (id: pangeo-181919) may have been compromised and used for cryptocurrency mining.

This activity was detected as originating from IP 34.70.27.158 and VM ID 1640535431718569339:us-central1-b to destination IP 81.91.189.245 on remote port 4444 between 2020-11-10 10:37 and 2020-11-10 10:51 (Pacific Time), though it may still be ongoing.

We recommend that you review this activity to determine if it is intended. Cryptocurrency mining is often an indication of the use of fraudulent accounts and payment instruments, and we require verification in order to mine cryptocurrency on our platform.

Therefore if you wish to continue engaging in cryptocurrency mining, and you haven't already applied for an Invoiced Billing Account (support.google.com/cloud/contact/apply_for_invoiced_billing), please do so. Additional information is available in the Cloud Security Help Center(support.google.com/cloud/answer/6262505).

If you believe your project has been compromised, we recommend that you secure all your instances (https://support.google.com/cloud/answer/6262505), which may require uninstalling and then re-installing your project.

To better protect your organization from misconfiguration and access the best of Google's threat detection, you may consider enabling Security Command Center (SCC) for your organization. To learn more about SCC visit https://cloud.google.com/security-command-center.

[magroberth]

I received de same mail but i dont know what about