The Cyberpolice Department and investigators from the Main Investigation Department of the National Police of Ukraine in collaboration with colleagues from Europol apprehended a 29-year-old individual allegedly responsible for a sophisticated cryptojacking operation that saw nearly $2 million stolen from one of the world’s largest e-commerce entities.

The suspected hacker has been infecting the target’s servers since 2021, the police said. Initially, he infiltrated 1500 accounts of a subsidiary company using a custom password-cracking tool. He then used the compromised accounts to gain access to the service and install cryptomining malware onto the company’s servers. To sustain the malicious software's operation, the hacker created over a million virtual computers.

An investigation into the operation was launched in January 2023 after an unnamed cloud provider reported to Europol about a series of hacks affecting accounts of its customers.

Over the course of more than two years of criminal activity, the hacker siphoned almost $2 million in digital assets into controlled electronic wallets.

During the searches at the suspect’s home, the police officers confiscated computer equipment, bank cards, SIM cards, electronic storage devices, and other evidence of unlawful activities.