Hackers were using Amazon Cloud to mine Bitcoin

According to the RedLock report, hackers were able to breach into the Amazon Cloud services of two companies for Bitcoin mining
09 October 2017   1293

Hackers were able to hack into the AWS cloud services’ infrastructure of two companies in order to mine Bitcoin. According to the security firm RedLock, the two affected companies were Aviva and Gemalto. Hackers didn’t target any sensitive data of either company. The hackers were only interested to access the Amazon Cloud servers in order to mine cryptocurrencies by executing a bitcoin mining command.

According to the publication, the hackers got the opportunitty to mine due to the fact that the administrative consoles of Kubernetes were not protected by a password. It is also noted that hackers did not take advantage of access to confidential information of companies, but only used Amazon Cloud capacities for crypto currency mining.

Upon deeper analysis, the team discovered that hackers were executing a bitcoin mining command from one of the Kubernetes containers. The instance had effectively been turned into a parasitic bot that was performing nefarious activity over the internet.

RedLock report

The document also says that many companies pay insufficient attention to the potential vulnerabilities of their security systems in cloud services. According to RedLock, 81% of the companies surveyed are taking inadequate security measures, opening up opportunities for hacking cloud services. 

NSA Tracks BTC Users, Snowden Says

According to the documents from former NSA agent, BTC transaction monitoring is one of the main priorities of the agency
21 March 2018   218

The US National Security Agency monitors actions in the bitcoin blovkchain in order to identify users of crypto currency. This is reported by The Intercept, which received a set of documents from a former employee of the NSA Edward Snowden, according to which the monitoring of BTC transactions is one of the main priorities of the agency.

They also say that the work of the NSA in this direction may not be limited to analyzing the blockchain and include the detection of crypto users.

The published document indicates that the NSA has become more likely to collect passwords of bitcoin users, data about their activity on the Internet and the identity of their devices.

According to the report, the NSA monitors bitcoin users from 2013 through a program code-named OAKSTAR, as well as the MONKEYROCKET program, which is the OAKSTAR project. The data collected over the years can allow the NSA to accurately identify participants in crypto-currency transactions.

For information on bitcoin users, the NSA can use XKeyScore, a powerful system for monitoring Internet activity, which became known in 2013, when Snowden revealed information about the surveillance of the NSA.

The document says that the information collected by the Agency is stored in the file "Provider user full.csv", and details of identification of time stamps and Internet addresses of users for the purpose of determining their location are given.