The arrest took place in Nikolaev, where authorities claim that the suspect had been infecting servers belonging to a prominent American company with a miner virus since 2021. Utilizing the “brute force” technique, he persevered through countless cryptographic keys until finding the correct one, granting him unauthorized access to approximately 1,500 company accounts. From there, he exploited the company’s computational resources for cryptocurrency mining purposes.
“By compromising these accounts, the hacker managed to gain control over the company’s services. In order to execute the malware, the hacker created an excess of one million virtual computers,” explained the police.
In January 2023, the cloud service provider contacted Europol to report the compromise of user accounts. Subsequently, Europol shared this information with Ukrainian authorities, initiating a joint investigation. After months of close collaboration, the arrest was made. Investigators executed search warrants on three properties to gather evidence against the suspect.
It is worth mentioning that last year, Google Cloud allocated $1 million in compensation to victims of covert mining activities. Such actions aim to enhance the confidence of corporate users in the service, a sentiment shared by Google Cloud management.