Ukrainian police and Europol have collaborated to arrest a Ukrainian hacker involved in the compromise of a major U.S. cloud service provider with cryptocurrency mining malware that enabled the theft of more than $2 million worth of cryptocurrency since 2021, reports The Record, a news site by cybersecurity firm Recorded Future.
The cloud service provider had its servers infiltrated by the hacker through the breach of a subsidiary's 1,500 accounts via a brute-force attack, with the compromised accounts then leveraged to facilitate remote system access and the deployment of a cryptominer, which was managed by over a million virtual computers, according to Ukrainian police. Investigation into the cryptojacking scheme commenced after Europol was sought by the impacted cloud provider.
"By stealing cloud resources to mine cryptocurrencies, the criminals can avoid paying for the necessary servers and power, the cost of which typically outweighs the profits. The compromised account holders are left with huge cloud bills," said Europol.
TechCrunch reports that major U.S. healthcare revenue and payment cycle management provider Change Healthcare had its systems targeted by a cyberattack on Feb. 20, which resulted in the loss of access across most of the prescription processor's login pages.