Hacker spins up 1 million virtual servers to illegally mine crypto

A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency.
As announced today by Europol, the suspect is believed to be the mastermind behind a large-scale cryptojacking scheme that involves hijacking cloud computing resources for crypto-mining.
By using the computing resources of others' servers to mine cryptocurrency, the cybercriminals can profit at the expense of the compromised organizations, whose CPU and GPU performance is degraded by the mining.
For on-premise compromises, the damage extends to having to pay for increased power usage, commonly generated by miners.
A 2022 report from Sysdig estimated the damage from cryptojacking to be about $53 for every $1 worth of Monero the cybercriminals mine on hijacked devices.
Europol says they first learned of the cryptojacking attack in January 2023 from a cloud service provider who was investigating compromised cloud accounts on their platform.
Europol, the Ukrainian police, and the cloud provider worked together to develop operation intelligence that could be used to track down and identify the hacker.
The police say they arrested the hacker on January 9th, when they seized computer equipment, bank and SIM cards, electronic media, and other evidence of illegal activity.
A separate report by the Ukrainian cyberpolice explains that the suspect has been active since 2021 when he used automated tools to brute force the passwords of 1,500 accounts of a subsidiary of one of the world's largest e-commerce entities.
The threat actor then used these accounts to gain access to administrative privileges, which were used to create more than one million virtual computers for use in the cryptomining scheme.
The Ukrainian authorities confirmed that the suspect was using TON cryptocurrency wallets to move the illegal proceeds, with transactions equal to roughly $2 million.
Threat actors commonly target cloud services to hijack computing resources for illegal cryptocurrency mining.
Methods to defend against cryptojacking attacks include monitoring for unusual activity like unexpected spikes in resource usage, implementing endpoint protection and intrusion detection systems, and limiting administrative privileges and access to critical resources only to those needing them.
Cryptojackers often exploit documented flaws in cloud platforms to achieve an initial compromise.
Finally, all administrative accounts should have 2FA enabled in case their credentials are stolen.
Mandiant's X account hacked by crypto Drainer-as-a-Service gang.
US SEC's X account hacked to announce fake Bitcoin ETF approval.
Decryptor for Babuk ransomware variant released after hacker arrested.
Netgear, Hyundai latest X accounts hacked to push crypto drainers.
X users fed up with constant stream of malicious crypto ads.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Sun, 14 Jan 2024 02:30:06 +0000


Cyber News related to Hacker spins up 1 million virtual servers to illegally mine crypto

Hacker spins up 1 million virtual servers to illegally mine crypto - A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. As announced today by Europol, the suspect is believed to be the mastermind behind a ...
11 months ago Bleepingcomputer.com
Mine Secures $30M in Series B Funding - PRESS RELEASE. BOSTON and TEL AVIV, Israel, Dec. 5, 2023 /PRNewswire/ - Mine, a pioneering company disrupting the data privacy market, announced today that it has raised $30 million in Series B funding, co-led by Battery Ventures and PayPal Ventures, ...
1 year ago Darkreading.com
Unlocking Data Privacy: Mine's No-Code Approach Nets $30 Million in Funding - An Israeli data privacy company, Mine Inc., has announced that it has completed a $30 million Series B fundraising round led by Battery Ventures, PayPal Ventures, as well as the investment arm of US insurance giant Nationwide, with the participation ...
1 year ago Cysecurity.news
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com
The Virtual Desktop Revolution: Redefining Work an - A virtual desktop, also referred to as a virtual desktop infrastructure, is a virtualized computing environment that enables users to remotely access and control their desktops from any device with an internet connection. A user who logs in is given ...
1 year ago Feeds.dzone.com
The Future of Virtual Reality in Education - Virtual Reality is rapidly reshaping the landscape of education, offering a powerful and immersive learning experience for students. VR in education offers students the opportunity to explore virtual worlds and engage in realistic simulations, ...
11 months ago Securityzap.com
New Migo malware disables protection features on Redis servers - Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. Redis is an in-memory data structure store used as a database, cache, and message broker known ...
10 months ago Bleepingcomputer.com
Mine's $30M boost will bring AI-based privacy to the enterprise - The shift in regulation for both consumer and employee privacy in both the U.S. and the European Union has increased an enterprise's responsibilities around privacy for both their employees, as well as their customers. Ringel emphasized that their ...
1 year ago Venturebeat.com
CVE-2022-36407 - Insertion of Sensitive Information into Log File vulnerability in Hitachi Virtual Storage Platform, Hitachi Virtual Storage Platform VP9500, Hitachi Virtual Storage Platform G1000, G1500, Hitachi Virtual Storage Platform F1500, Hitachi Virtual ...
8 months ago
Augmented Reality Vs. Virtual Reality - In the realm where Augmented Reality and Virtual Reality converge, a high-stakes game unfolds as these two key players battle for dominance. Augmented Reality and Virtual Reality are two distinct immersive technologies that are often confused. ...
9 months ago Securityzap.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
1 year ago Bleepingcomputer.com
FBI Charges North Korean Hackers Over $100 Million Stolen in Crypto Hack - The FBI has recently charged a North Korean hacker in connection with the Harmony crypto hack from which the hacker allegedly stole over $100 million. The hacker, Jon Chang Hyok, is a member of the North Korean military intelligence agency, the ...
1 year ago Bleepingcomputer.com
Ex-Amazon engineer pleads guilty to hacking crypto exchanges - Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an ...
1 year ago Bleepingcomputer.com
Massive Data Breach at Gokumarket: Over a Million Users' Information Exposed - Several days before the leak, the GokuMarket team found an unprotected MongoDB instance, which was storing information about its users, namely those who bought and sold crypto on the exchange. In GokuMarket's case, it is the details of more than a ...
1 year ago Cysecurity.news
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
1 year ago Bleepingcomputer.com
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
11 months ago Bleepingcomputer.com
NY engineer pleads guilty to stealing millions from two crypto exchanges - A former security engineer for an international tech company pleaded guilty in federal court to hacking two decentralized cryptocurrency exchanges. As a result of these hacks in July 2022, U.S. citizen Shakeeb Ahmed, 34, illegally obtained over $12 ...
1 year ago Therecord.media
Sonne Finance developers offer bounty to hacker behind $20 million crypto theft - The team behind the cryptocurrency lending protocol Sonne Finance is offering a hacker an undisclosed bounty following a $20 million theft on Tuesday evening. Sonne Finance allows people to lend and borrow funds without the need for intermediaries ...
7 months ago Therecord.media
The Danger Lurking Just Below Ukraine's Surface - As the National Mine Action Strategy notes, research on mine clearance has been sorely lacking. It's a frustration that Federica Mezzani knows well. Despite the fact that an estimated 110 million mines are still active around the world, they are ...
10 months ago Wired.com
Azure Serial Console Attack and Defense - This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders' preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various ...
1 year ago Msrc.microsoft.com
Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
1 year ago Blog.cloudflare.com
Integration of Cisco Secure Threat Defense Virtual with Megaport - Business critical data can originate from diverse sources ranging from multiple public clouds, private clouds, and internal servers to a remote employee's device. Securing each data entity individually is time consuming and challenging due to lack of ...
6 months ago Feedpress.me
Hacking Protected Java-Based Programs - This article provides examples of hacking techniques that can help Java developers avoid vulnerabilities in their programs. It is not intended to train hackers but rather for naive developers who think that standard obfuscators will save them from ...
11 months ago Feeds.dzone.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)