A federal grand jury indictment of a former Amazon software engineer accused of breaching Capital One’s data servers reveals instances of crypto-jacking at the heart of her scheme.

Between March and July 2019, Paige Thompson accessed at least 30 institutions’ servers managed by an unnamed cloud computing company, compromising at least 100 million customer accounts, according to a release published Wednesday. While there is no indication Thompson attempted to sell this information, she did use stolen computing power to mine cryptocurrencies.

According to the indictment, Thompson scanned for and misconfigured vulnerable web firewalls to gain access to rented cloud servers. She would duplicate sensitive “buckets of data” onto her own server kept at home, and cover her tracks using the anonymizing TOR browser.

“The object also was to use the access to the customers’ servers in other ways for [her] own benefit, including by using those servers for cryptojacking,” wrote prosecuting attorneys Steven Masada and Andrew Friedman.

Thompson reportedly spoke about her fraud over Slack and Twitter DMs. At one point, Thompson, under an alleged pseudonym, posted messages referring to cryptojacking over a Slack channel.

“I’ll be employed again soon and if I had a partner I could have them take over my cryptojacking enterprise and be a stay at home,” one such message read, according to a report by Forbes staffer Thomas Brewster.

Another Slack message read: “For some reason i lost a whole fleet of miners all at the same time, so i think someone is onto me.”

Law enforcement became aware of Thompson’s activity after she shared information on GitHub relating to her theft of information from Capital One’s rented servers. The indictment also cites three unnamed victims including a state agency, a telecommunications conglomerate outside the U.S. and a public research university.

She faces up to 25 years in prison if found guilty of the charges, which include two counts of wire fraud and computer fraud. Additionally, Thompson is asked to forfeit her ill-gotten gains, or equivalent assets if inaccessible or untraceable.

Thompson Indictment by CoinDesk on Scribd

Capital One image via Shutterstock

Disclaimer Read More

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

This article is intended as a news item to inform our readers of various events and developments that affect, or that might in the future affect, the value of the cryptocurrency described above. The information contained herein is not intended to provide, and it does not provide, sufficient information to form the basis for an investment decision, and you should not rely on this information for that purpose. The information presented herein is accurate only as of its date, and it was not prepared by a research analyst or other investment professional. You should seek additional information regarding the merits and risks of investing in any cryptocurrency before deciding to purchase or sell any such instruments.