A 29-year-old Ukrainian national has been arrested for running a cryptojacking scheme that earned them over $2 million in illicit profits. The arrest was made on January 9 in Mykolaiv, Ukraine, with the help of Europol and a cloud service provider. The investigation began when the cloud provider alerted Europol to compromised user accounts in January 2023. Three properties were searched for evidence during the probe.
Cryptojacking involves the unauthorized use of someone’s computing resources to mine cryptocurrencies. In cloud environments, attackers gain access through compromised credentials and use the infected host’s processing power to mine crypto without their knowledge or consent. Threat actors often use privilege escalation techniques to obtain additional permissions if the initial credentials do not have the desired access. The goal is to avoid paying for the necessary infrastructure by either exploiting free trials or compromising legitimate tenants.
In October 2023, a cryptojacking campaign was discovered where threat actors stole Amazon Web Services credentials from GitHub repositories to mine Monero. This highlights the ongoing issue of cyber criminals targeting cloud environments for cryptojacking purposes.
Follow us on Twitter and LinkedIn for more exclusive content.