Hacker who mined $2 million in crypto using hacked servers gets nabbed & LPUD update
14 comments
Having Intelligence, knowledge and skill are like possessing a double edged sword.
Use it right and it it could be used for the benefit for the entire community however if used for selfish unlawful purposes it could lead one into serious trouble.
This is wise advice followed by some and not followed by others. A 29 year old man found out the hard way what it means to abuse and exploit technology and get unlawful access to other peoples property.
Arrest made in Ukraine
This week a man from Ukraine got arrested for illegal crypto mining.
The 29 year old was exploiting cloud computing accounts of unsuspecting users.
Once he would get access to a user account he would use the account to mine crypto.
In this ploy the hacker exploits the GPU and CPU power of the account to mine some crypto and the owner who could be an individual or an organization sees the credits of the account being drained at the fast pace which leads to an accelerated depletion of the allocated resources.
Such activities lead to hefty bills being created for the users without having used the resources of the cloud server.
In case the targeted machine is an on premise server then the host would see an enhanced power consumption leading to a greater electricity bill as an added red flag .
What coin is usually mined
Monero is the crypto which users try to mine with their CPU or GPU.
Is crypto mining like this profitable?
If the electricity is free and so is the computing power then perhaps this could make one some money, however these resources can run up the power bill and can put a strain on the computing resources.
If one is accessing other people's hardware and resources without their permission then there can be legal consequences as law eventually catches up with the culprit.
The actual cost of crypto mining
As per a report presented by Sysdig the real cost of cryptojaking is $53 for every $1 worth of Monero that is being mined.
That is $53 would be the expense that is borne by those who have to foot the bill for every $1 worth of Monero that gets mined.
Who would risk so much for $1
The hackers keep finding innovative ways to exploit the facilities to their benefit.
Scaling up the hack made the hacker big money
Since the hackers did not restrict himself to one or a couple of users, instead his victim user base grew as he expanded his exploits by choosing to scale up his operations.
Apparently the suspect has been active in this field since 2021 and using the brute force method managed to get access to 1500 odd users of one well established and leading cloud provider.
Once he would find the passwords of these accounts via brute force password cracking he would work his way to obtain administrator privileges for himself.
This modus operandi of his helped him get access to over one million computers which he would use for cryptojacking.
As per a report by the Ukrainian authorities the hacker made use of a TON crypto wallet to transfer the ill gotten wealth.
Via these dubious operations he carried out transactions to the tune of $2 million USD or 1.8 million Euros.
He ran out of luck when the authorities in Ukraine nabbed him and pressed criminal charges against him.
In an investigation that started months ago when a cloud provider complained to Europol in January 2023 seeking help regarding the unusual activity on its servers and its user accounts being compromised.
The investigations lead to a 29 year old man who was behind the cryptojacking network and was nabbed from Mykolaiv, Ukraine
The investigation was a result of months of collaborative efforts between Europol, the authorities from Ukraine and the cloud provider.
He is being charged under Part 5 of Art. 361 (unauthorized interference in the work of information, electronic communication, electronic communication networks) of the Criminal Code of Ukraine.
This is an ever growing trend
The hackers are always on the lookout to exploit unprotected devices and gullible individuals.
What can we do to protect ourselves from such exploits?
- Install monitoring software to spot any unusual spike in the cloud activity of our cloud account.
- Implement endpoint protection
- Implement & Install intrusion detection systems
- While assigning server access make sure to limit the administrative privileges and access to all the critical resources of your server and to devices connected to it.
- Perform regular security updates.
- Enable 2FA enabled security for all admin. accounts.
Report based on Europol press release
The big news for the day is that....
Today is LPUD or rather the first LPUD for 2024
The day we power up our leo tokens. Make sure you power up your leo tokens and be eligible for some amazing prizes
What are the LPUD prizes this time?
| Column 1 | Column 2 | Column 3 |
|---|---|---|
| Incentive | 50 | 150 |
| 2k from @simplifylife | ✅ | ✅ |
| 3k from @gardian | ✅ | ✅ |
| 5k from @l337m45732 | ✅ | ✅ |
| 5k from @tbnfl4sun | ✅ | ✅ |
| 5k from @dagger212 | ✅ | ✅ |
| 5k from @forexbrokr | ✅ | ✅ |
| 5k from @jongolson | ✅ | ✅ |
| 5k from @scaredycatguide | ✅ | ✅ |
| 5k from @silversaver888 | ✅ | ✅ |
| 5k from @steemstreems | ✅ | ✅ |
| 5k from @whatsup | ✅ | ✅ |
| 5k from @bitcoinflood | ✅ | ✅ |
| 5k from @leogrowth | ✅ | ✅ |
| 5k from @mcoinz | ✅ | ✅ |
| 5k from @beststart | ✅ | ✅ |
| 5k from @trumpman | ✅ | ✅ |
| 5k from @trumpman | ✅ | ✅ |
| 5k from @trumpman | ✅ | ✅ |
| 10k from @edicted | ❌ | ✅ |
| 10k from @taskmaster4450 | ❌ | ✅ |
| 10k from @niallon11 | ❌ | ✅ |
| 10k from @anomadsoul | ❌ | ✅ |
| 10k from @alexvan | ❌ | ✅ |
| 20k from @inleo | ❌ | ✅ |
10 InLeo Premium for ten random Lions who power up at least 150 $LEO!
What is the eligibility for the LPUD prizes ?
There are two types of power up:
CUB attack: Power up at least 50 $leo on the 15th
LION attack: Power up at least 150 $leo on the 15th.
Being eligible for the rewards
Your total Leo Power (on the 15th) must be less than 25k.
You must power up at least 50 Leo on December 15.
You must not have powered down Leo since September 15.
Make a post on InLeo about LPUD, why are you joining, what do you think about the initiative, the community or anything related to InLeo (A Thread is not enough)
for more details please refer to this post
Posted Using InLeo Alpha
Comments