“Malicious actors were observed performing cryptocurrency mining within compromised Cloud instances,” the report said. It added that of 50 recent examples, 86% of cases showed that hackers were mining cryptocurrencies with the accounts.
The report, published by the Google Cybersecurity Action Team, intends to “provide actionable intelligence that enables organizations to ensure their cloud environments are best protected,” Google said.
According to the report, the two common goals behind this activity involve “obtaining profit” and “traffic pumping.”
Other cyberthreats that were identified included malware, hosting unauthorized content on the internet, spam, and launching DDoS bots.
Google, crypto, and the “threat horizon”
Google’s Threat Analysis Group sounded similar alarms last month when it warned of hackers breaking into YouTube accounts to spread cryptocurrency scams.
“The channel name, profile picture, and content were all replaced with cryptocurrency branding to impersonate large tech or cryptocurrency exchange firms,” Google said at the time.
The Group added that hackers would live stream videos that promised cryptocurrency giveaways in exchange for contributions first.
These malicious actors were also Russian speakers, according to Google.
“The actors behind this campaign, which we attribute to a group of hackers recruited in a Russian-speaking forum, lure their target with fake collaboration opportunities,” Google added.
If Russian, this would not have been the first time Russia was embroiled in a crypto-related scandal either.
Earlier this year, Russia’s world-famous skyscraper—Vostok—was found to house a plethora of cybercriminal activity in the heart of Moscow.