The Ingenious Crime
A 29-year-old Ukrainian man was recently arrested for illegally mining over $2 million in cryptocurrencies. He cleverly set up 1 million virtual servers by hacking accounts. Europol unveiled today that this man spearheaded a vast cryptojacking operation, misusing cloud computing for mining digital currencies.
The Cost of Cryptojacking
Cryptojacking lets criminals profit by mining on the CPUs and GPUs of compromised organizations' servers, which degrades the performance of those systems. Mining cryptocurrencies this way consumes significant resources, and the victim organizations bear the cost, largely through energy consumption. Sysdig's 2022 report estimates that every dollar of Monero (XMR) mined in such attacks costs the victims about $53.
Europol’s Swift Response
In January 2023, a cloud service provider investigating compromised accounts alerted Europol about this attack. Collaborative efforts by Europol, Ukrainian police, and the cloud provider produced the operational intelligence that proved crucial in identifying and apprehending the hacker.
The Arrest and Seizure
On January 9th, the police seized computer hardware, bank and SIM cards, and other evidence from the hacker. Since 2021, he had been using automated tools to brute-force over 1,500 e-commerce accounts, eventually creating a network of over a million virtual machines for mining.
The Flow of Illegal Funds
The suspect conducted transactions worth approximately $2 million through TON cryptocurrency wallets. Now, he faces criminal charges under the Ukrainian Criminal Code for unauthorized interference in operations of electronic networks.
Preventing Cryptojacking
Cybercriminals often target cloud services for cryptojacking. To protect against such attacks, monitoring for unusual activity, like spikes in resource usage, is essential. Implementing endpoint protection, intrusion detection systems, and limiting administrative privileges can greatly reduce the risk. Regularly updating software with security patches and enabling 2FA on all administrative accounts are also key measures in safeguarding against these attacks.
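As an added illustration (not part of the original article), the sketch below shows one way to monitor for the provisioning spikes a hijacked account produces when it is used to spin up mining VMs. The event format, account names, and threshold parameters are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: (account, hour index, VMs created in that hour).
SAMPLE_EVENTS = [
    ("shop-a", 0, 1), ("shop-a", 1, 0), ("shop-a", 2, 2),
    ("shop-a", 3, 1), ("shop-a", 4, 1), ("shop-a", 5, 1),
    ("shop-b", 0, 0), ("shop-b", 1, 1), ("shop-b", 2, 0),
    ("shop-b", 3, 1), ("shop-b", 4, 40), ("shop-b", 5, 120),
    ("shop-b", 6, 1),
]

def flag_provisioning_spikes(events, k=5.0, min_history=4, floor=5):
    """Flag hours where an account creates far more VMs than its own baseline.

    The baseline is the median of the account's earlier, non-flagged hours;
    the spread is the median absolute deviation (MAD), floored at 1 so that
    very quiet accounts do not alert on trivial changes.
    Returns {account: [(hour, count, threshold), ...]}.
    """
    per_account = defaultdict(list)
    for account, hour, count in sorted(events, key=lambda e: (e[0], e[1])):
        per_account[account].append((hour, count))

    alerts = {}
    for account, series in per_account.items():
        history = []
        for hour, count in series:
            if len(history) >= min_history:
                base = median(history)
                mad = median([abs(x - base) for x in history])
                threshold = max(floor, base + k * max(mad, 1))
                if count > threshold:
                    alerts.setdefault(account, []).append((hour, count, threshold))
                    continue  # keep the spike out of the baseline
            history.append(count)
    return alerts

if __name__ == "__main__":
    for account, hits in flag_provisioning_spikes(SAMPLE_EVENTS).items():
        for hour, count, threshold in hits:
            print(f"{account}: hour {hour} created {count} VMs (limit {threshold})")
```

Flagged hours are excluded from the baseline, so a sustained burst keeps alerting instead of becoming the new normal.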