its really sad to see how many AWS Keys are public in github right now. A quick github search reveals many, many key pairs that were checking as recently as this week.
Amazon are apparently scanning themselves. If they are doing this then they might figure that the quantity of exposed keys will undermine their reputation. That is quite something in itself.
Amazon AWS support have (at least on here) a reputation for refunding fraudulent usage that stemmed from compromised keys. If that is in fact a policy they follow, it's in their best interests to cut down on leaked AWS credentials.
I'm guilty of this for an old project and only discovered when Amazon sent me email telling me it was public so Amazon seems to be searching Github (the web?) for mentions of the keys.
