A US federal grand jury recently indicted a former Amazon software engineer, who is accused of hacking into the data servers of Capital One.
Paige Thompson is charged with wire fraud, as well as computer fraud and abuse, for intrusions into the data of over 30 companies, including Capital One.
According to the indictment, Thompson accessed the servers of at least 30 institutions between March and July of 2019, compromising at least 100 million user accounts. However, contrary to what might be expected of an attack such as this, the alleged hacker did not attempt to profit from selling data; instead, Thompson harnessed the computing power of the breached servers to mine cryptocurrencies.
As the report details, Thompson would misconfigure vulnerable web firewalls to gain access to rented cloud servers. From there, sensitive data would be duplicated onto her home server.
Thompson was able to avoid detection temporarily by using the privacy-minded Tor browser. However, despite her precautions, she was unable to completely erase her paper trail. Thompson reportedly described her illicit acts over Slack and through Twitter DMs, albeit under a pseudonym. One such message appeared in a Slack channel:
“I’ll be employed again soon and if I had a partner I could have them take over my cryptojacking enterprise and be a stay at home [sic]”
A later Slack message foreshadowed the scheme’s eventual downfall: “For some reason i lost a whole fleet of miners all at the same time, so i think someone is onto me.”
The US Department of Justice has yet to comment on the messages, but told Forbes that additional charges against the defendant are a possibility as the investigation unfolds.
Steven Masada and Andrew Friedman, the prosecuting attorneys assigned to the case, summarized the attack as follows:
“The object also was to use the access to the customers’ servers in other ways for [her] own benefit, including by using those servers for cryptojacking.”
Should Thompson be found guilty, she faces up to 25 years in prison, as well as a forfeiture of any profits from her illicit venture.
The FBI is continuing its investigation of the incident.