Cybercriminals continue to exploit the lucrative world of cryptocurrency, as evidenced by two recent high-profile arrests involving the development and distribution of malware, as well as a large-scale illegal cryptojacking operation. Authorities in Australia and the United States have taken action against individuals allegedly responsible for these illicit activities, highlighting the persistent threat posed by such schemes.
TLDR
- Two individuals were arrested – one in Australia and one in the U.S. – for their alleged involvement in developing and distributing the Hive RAT malware.
- A 24-year-old man from California named Edmond Chakhmakhchyan was arrested for selling licenses of the Hive RAT malware.
- Charles O. Parks III, a 45-year-old man from Nebraska, was indicted for operating a massive illegal cryptojacking scheme that defrauded cloud providers of over $3.5 million in computing resources to mine nearly $1 million worth of cryptocurrency.
- Parks allegedly tricked cloud providers into granting heightened privileges and deferred billing, allowing him to access immense computing power without paying, which he used for cryptocurrency mining.
- Parks is accused of laundering the mined cryptocurrency proceeds through various means, including cryptocurrency exchanges, NFT marketplaces, and bank accounts, to conceal the criminal trail and fund an extravagant lifestyle.
In Australia, the Australian Federal Police (AFP) announced charges against an unnamed individual for their purported role in the creation and sale of Hive RAT, a remote access trojan (RAT) that provided unauthorized access to victims’ computers. The suspect faces 12 charges, including producing, controlling, and supplying data with the intent to commit computer offenses, each carrying a maximum penalty of three years’ imprisonment.
According to the AFP, RATs like Hive RAT are among the most harmful cyber threats, granting criminals full control over infected devices, enabling them to commit crimes anonymously, monitor victims through cameras, wipe hard drives, and steal sensitive information such as banking credentials and cryptocurrency wallets.
Concurrently, in the United States, Edmond Chakhmakhchyan, a 24-year-old from Van Nuys, California, was arrested for his alleged role in selling licenses for the Hive RAT malware. Chakhmakhchyan, also known as “Corruption,” is accused of advertising the malware on a cybercrime forum, accepting cryptocurrency payments from customers, and offering product support.
The U.S. Justice Department alleges that Chakhmakhchyan worked in partnership with the malware’s creator, promoting and distributing Hive RAT, which enabled purchasers to access victims’ private communications, login credentials, and personal information without their knowledge or consent. Chakhmakhchyan has been charged with one count of conspiracy and one count of advertising an interception device, each carrying a maximum sentence of five years in prison.
FBI Agents arrested Edmond Chakhmakhchyan, 24, of Van Nuys, for allegedly selling #malware using the moniker "Corruption," giving purchasers control over victim computers & access to private communications, login credentials & PII. @AusFedPolice Details: https://t.co/T6KZoJUWHU pic.twitter.com/OO62HgxEBh
— FBI Los Angeles (@FBILosAngeles) April 12, 2024
In a separate case, Charles O. Parks III, a 45-year-old from Nebraska, was indicted for operating a massive illegal cryptojacking scheme that defrauded two well-known cloud computing service providers out of more than $3.5 million in computing resources. Parks, also known as “CP3O,” allegedly used these stolen resources to mine various cryptocurrencies, including Ether, Litecoin, and Monero, amassing nearly $1 million worth of digital assets.
According to the indictment, Parks created numerous fictitious identities, corporate affiliations, and email addresses to register accounts with the cloud providers, gaining access to immense computing power and storage without paying. He is accused of tricking the providers into granting him heightened privileges and deferred billing accommodations, and of deflecting their inquiries about questionable data usage and mounting unpaid balances.
The illicitly mined cryptocurrency was then laundered through a network of cryptocurrency exchanges, a non-fungible token (NFT) marketplace, an online payment provider, and traditional bank accounts, allegedly to conceal the digital transaction trail. Prosecutors claim that Parks structured various money movements to evade transaction reporting requirements under federal law.
Ultimately, Parks is alleged to have converted the cryptocurrency proceeds into dollars, using the funds to finance an extravagant lifestyle, including the purchase of a Mercedes-Benz luxury car, jewelry, and first-class hotel and travel expenses.