The National Police of Ukraine, with the support of Europol, apprehended a so-called “cryptojacker” for breaching cloud accounts and illicitly mining cryptocurrencies via one million virtual servers.
The arrest signifies a notable escalation in the scope of crypto-jacking, a cyberattack method where hackers seize computer resources to mine cryptocurrencies illegally.
Crypto-jacker apprehended
In Ukraine, authorities apprehended a 29-year-old for unlawfully mining cryptocurrencies by compromising numerous cloud accounts. The arrest, executed on Jan. 9 in Mykolaiv, resulted from a collaboration between Europol and an undisclosed cloud service provider.
Europol described the incident as a ‘sophisticated cryptojacking scheme’ in a press statement on Jan. 12.
The suspect, believed to have mined over $2 million (€1.8 million) in cryptocurrencies, allegedly breached 1,500 accounts using automated tools, according to Ukrainian cyber police involved in the operation.
The individual gained administrative privileges, creating more than one million virtual computers for a large-scale crypto-mining operation. TON cryptocurrency wallets were purportedly used to transfer the illegal proceeds, and three properties were searched during the operation, prompted by a tip-off from the cloud provider.
During the operation, Europol’s European Cybercrime Centre (EC3) set up a virtual command post on auction day. This post provided analysis and forensic support to the Ukrainian National Police regarding the data collected in the searches.
Ukrainian authorities stated that the arrested individual has been involved in the illicit activity since 2021 and is slated for prosecution.
Cryptojacking within a cloud setting entails unauthorized access by malicious actors to cloud computing infrastructure, exploiting its computational power for cryptocurrency mining.
This method allows cryptojackers to circumvent expenses related to servers and power, maximizing their profits. Importantly, the compromised account holders are burdened with significant cloud bills.
Cryptocurrency thefts continue
Authorities are increasingly alarmed by the swift rise in cryptocurrency theft, prompting intensified efforts to combat hackers and illegal cryptocurrency schemes.
In June last year, Russian nationals were charged with hacking the Mt. Gox cryptocurrency exchange and operating the illicit cryptocurrency exchange BTC-e.
The Justice Department unveiled charges linked to the 2011 breach of the cryptocurrency exchange Mt. Gox and the illicit operation of the cryptocurrency exchange BTC-e.
Court documents reveal that Russian nationals Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, face charges of conspiring to launder around 647,000 bitcoins obtained from the Mt. Gox hack.
Additionally, Bilyuchenko was also accused of conspiring with Alexander Vinnik to run BTC-e from 2011 to 2017.
In 2023, crypto hackers pilfered over $1 billion through 75 hacks, a decline from the record $3 billion in 2022. Despite the reduced total value, the heightened frequency of incidents raises concerns about the cryptocurrency industry’s resilience against criminal activities. Notably, the diminished value of the stolen funds correlates with the crash in Bitcoin and Ether prices, even as the number of heists surged.
A substantial portion of the stolen funds, totaling $1.1 billion, can be attributed to North Korean hackers involved in hacking decentralized finance (defi) protocols.
This increasing trend in crypto heists, coupled with the overall market downturn for cryptocurrencies, has triggered apprehensions regarding the industry’s security and the absence of regulatory oversight.
The landscape of crypto hacking threats has evolved in complexity and sophistication, as hackers exploit computer resources for mining cryptocurrencies, especially the privacy coin Monero (XMR).
These incidents underscore the imperative for enhanced cybersecurity measures, regulatory scrutiny, and public awareness to effectively counter the growing menace of crypto hacking and illicit activities.
This news is republished from another source. You can check the original article here