Arrest in Ukraine: Ukrainian National Police and Europol have arrested a 29-year-old individual in Mykolaiv, Ukraine, suspected to be the mastermind behind a $2 million cryptojacking operation.

Origin of Investigation: The investigation began in January 2023 when a cloud services provider informed Europol about compromised cloud user accounts. Ukrainian authorities initiated the investigation based on this information.

Targeted Ecommerce Company: The hacker, as part of the operation that started in 2021, targeted the servers of a major ecommerce company. More than 1,500 user accounts were hacked using automated password brute-forcing attacks.

Cryptocurrency Mining Malware: After gaining management access, the attacker infected the service with cryptocurrency mining malware, creating over a million virtual computers to run the malware.

Amount Mined: Over the course of the operation, the individual is believed to have mined more than $2 million (€1.8 million) in cryptocurrency.

Police Operation: Ukrainian police conducted searches at three properties, seizing computer equipment, SIM cards, bank cards, and other evidence of illegal activity.

Investigation into Accomplices: Authorities are working to identify potential accomplices and are exploring the suspect's possible affiliation with pro-Russian hacking groups.

Cloud Server Targeting: Cryptojackers often target cloud servers due to the high computing power they offer. The compromised account holders are left with significant cloud bills.

Previous Incidents: The article mentions previous instances of cryptojacking campaigns targeting cloud services, including a campaign that expanded across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) services.

Motivation Behind Cryptojacking: Criminals engage in cryptojacking to use stolen cloud resources for mining cryptocurrencies, avoiding the costs associated with servers and power, which typically outweigh the profits.

Sources and further reading.

Lyon, J. (2024, January 15). Europol says alleged crypto miner made millions from stolen electricity. Protos. https://protos.com/europol-says-alleged-crypto-miner-made-millions-from-stolen-electricity/

Arghire, I. (2024, January 15). Hacker behind $2 million cryptocurrency mining scheme arrested in Ukraine. SecurityWeek. https://www.securityweek.com/hacker-accused-of-running-2-million-cryptocurrency-mining-scheme-arrested-in-ukraine/