Cryptojacking Mastermind Accused of Illegally Mining Over $2 Million Arrested in Ukraine

In a joint effort, the National Police of Ukraine and Europol arrested an individual in Mykolaiv, Ukraine, suspected of involvement in a complex cryptojacking scheme.

The 29-year-old allegedly exploited hacked accounts to create 1 million virtual servers, allowing him to illegally mine over $2 million worth of cryptocurrency tokens.

An unnamed cloud provider helped with the investigation, which ultimately led to the identity and location of the individual. The company approached Europol in January 2023 with helpful information about compromised cloud user accounts.

Three Properties Searched for Evidence

According to Europol, authorities searched three properties to gather evidence against the suspect, and the arrest occurred after months of investigation.

“Europol’s European Cybercrime Centre (EC3) set up a virtual command post on the action day, supporting the Ukrainian National Police from Europol’s headquarters, with analysis and forensic support on the data gathered during the searches,” reads Europol’s press release.

Cryptojacking in Cloud Environments

Cryptojacking schemes involve threat actors piggybacking on a victim’s computing resources, either in cloud environments or on-premises. In this case, the perpetrator gained unauthorized access to cloud computing resources and leeched its computational power to mine cryptocurrency tokens illegally.

Stealthily mining crypto allowed the attacker to avoid paying for the servers and power used while placing the financial burden on the shoulders of compromised account holders.

Protecting Against Cloud Cryptojacking

The very nature of cryptojacking involves operating under the radar, so detecting these attacks can often prove daunting. However, as Europol’s advisory highlights, there are several ways to defend oneself against them, specifically in cloud environments:

• Regular monitoring of cloud environments for unauthorized access, suspicious activities, and unexpected resource utilization
• Robust authentication methods that prevent unauthorized access to cloud resources
• Applying the latest security patches to cloud resources, including containers and virtual machines

Cryptojacking Also Affects Home Users

Unfortunately, cryptojacking doesn’t only target cloud environments; home users and their on-premises devices often get caught up in these schemes.

Mining from single machines outputs a low amount of power, so perpetrators often combine the mining powers of multiple machines by creating illegal mining pools.

Not only does this technique yield more profit, but it also helps threat actors manage each individual’s mining power, keeping it at reasonable levels to avoid suspicion in the long run.

Keeping a close eye on your device’s power consumption is vital in combatting these ruthless attacks. Furthermore, dedicated software such as Bitdefender Ultimate Security can keep your device clean of unwanted crypto mining software, viruses, Trojans, worms, ransomware, spyware, zero-day exploits, and other digital threats.