Cryptojacking Criminal Apprehended After Cracking 1,500 Accounts in $2 Million Cloud Mining Scam

A coordinated effort between Ukrainian law enforcement and European cybercrime authorities has resulted in the arrest of an audacious hacker in the city of Mykolaiv.

The 29-year-old suspect allegedly orchestrated a complex cryptojacking scheme that commandeered a major US company’s cloud server to mine cryptocurrencies worth almost $2 million.

Keypoints

• Ukrainian police arrested a 29-year-old hacker in Mykolaiv for a sophisticated cryptojacking operation
• The hacker allegedly used malware to infect a US company’s server and mine nearly $2 million in cryptocurrencies
• He hacked over 1,500 of the company’s client accounts using brute force techniques to gain access
• Police seized electronic devices and evidence from the hacker’s home
• Europol assisted Ukrainian police in the investigation and warns cloud users to implement better security

Cryptojacking involves using a remote server or network to mine cryptocurrencies without authorization. According to Ukraine’s national police, the unnamed hacker infected the compromised server with malware designed to siphon its computing power towards unauthorized crypto mining.

The extensive operation began in 2021 when the hacker leveraged brute force techniques to crack into over 1,500 client accounts belonging to the hacked US company. Brute forcing attempts to crack passwords or keys through an automated ‘guess and check’ approach running through multiple permutations.

Armed with this trove of plundered account credentials, the hacker stealthily gained entry to the company’s cloud server and implanted the crypto mining malware. This secretly hijacked the powerful computing resources towards mining cryptocurrencies straight into the hacker’s virtual wallet.

Authorities eventually caught on to the scheme after the affected company approached Europol about the mass account breaches in early 2023. Europol subsequently relayed the information to Ukrainian police, prompting a broader investigation that uncovered the server infiltration and role of the Mykolaiv-based hacker.

A raid on the hacker’s home in Ukraine yielded more evidence of illegal cyber activity, including electronic devices, SIM cards, bank cards, and other media. The hacker now faces prosecution as authorities examine potential accomplices and ties to Russian cybercriminal groups.

Europol further warned cloud platform operators and users of the prevalence of cryptojacking threats – urging improved security like multi-factor authentication, activity monitoring, and regular patching to harden cloud environments against unauthorized access. Left unchecked, these schemes can saddle compromised users with exorbitant cloud computing bills exceeding the value extracted by hackers.