Action Required: Suspicious Activity Observed on Google Cloud Project pangeo (id: pangeo-181919)

[rabernat]

Notification from Google Cloud Support. Does anyone have any idea about this?

Our systems identified that your Google Cloud Platform / API Project ID
pangeo (id: pangeo-181919) may have been compromised and used for
cryptocurrency mining.

This activity was detected as originating from IP 34.70.27.158 and VM ID
1640535431718569339:us-central1-b to destination IP 81.91.189.245 on remote
port 4444 between 2020-11-10 10:37 and 2020-11-10 10:51 (Pacific
Time), though it may still be ongoing.

We recommend that you review this activity to determine if it is intended.
Cryptocurrency mining is often an indication of the use of fraudulent
accounts and payment instruments, and we require verification in order to
mine cryptocurrency on our platform.

Therefore if you wish to continue engaging in cryptocurrency mining, and
you haven't already applied for an Invoiced Billing Account
(support.google.com/cloud/contact/apply_for_invoiced_billing), please do
so. Additional information is available in the Cloud Security Help
Center(support.google.com/cloud/answer/6262505).

If you believe your project has been compromised, we recommend that you
secure all your instances
(https://support.google.com/cloud/answer/6262505), which may require
uninstalling and then re-installing your project.

To better protect your organization from misconfiguration and access the
best of Google's threat detection, you may consider enabling Security
Command Center (SCC) for your organization. To learn more about SCC visit
https://cloud.google.com/security-command-center.

[magroberth]

I received de same mail but i dont know what about