As part of a “sophisticated cryptojacking scheme,” a 29-year-old Ukrainian national has been detained; the operation brought in over $2 million (€1.8 million) in illegal revenues.
With assistance from Europol and an unidentified cloud service provider, the National Police of Ukraine captured the individual dubbed the “mastermind” of the operation on January 9 in Mykolaiv, Ukraine, after “months of intensive collaboration.”
“In January 2023, a cloud provider contacted Europol with details about their compromised cloud user accounts,” the agency stated, noting that it forwarded the information to the Ukrainian authorities.
Three residences were searched as part of the investigation to find evidence against the suspect.
The term “cryptojacking” is a kind of cybercrime that involves using someone’s or an organization’s computer resources without authorization to mine cryptocurrency.
Such attacks are usually carried out on the cloud by installing miners that use the infected host’s processing capacity to mine cryptocurrency without the owner’s knowledge or agreement and breaking into the infrastructure using compromised credentials that were obtained via other ways.
In July 2023, Microsoft said privilege escalation is used to get threat actors’ desired rights for credentials. Threat actors can hijack subscriptions to hide their activity.”
The main concept is to use free trials or breaches of reputable tenants’ properties to carry out crypto-jacking assaults to avoid paying for the infrastructure needed to mine cryptocurrency.
Palo Alto Networks Unit 42 published a report on a cryptojacking effort in October 2023. The campaign involved threat actors mining Monero by obtaining Amazon Web Services (AWS) credentials from GitHub projects five minutes after they were made public.
