Share this article

Capital One Hacker Used Stolen Computing Power to Mine Crypto

Capital One hacker Paige Thompson had been using stolen computing power to mine cryptocurrencies, a federal grand jury indictment revealed.

Updated Sep 13, 2021, 11:23 a.m. Published Aug 30, 2019, 7:00 a.m.

"Unlike many other markets, cryptocurrencies trade 24/7, thereby requiring traders to make decisions at all times throughout the day," Capital One wrote in its filing. (Shutterstock)

A federal grand jury indictment of a former Amazon software engineer accused of breaching Capital One’s data servers reveals instances of crypto-jacking at the heart of her scheme.

Between March and July 2019, Paige Thompson accessed at least 30 institutions’ servers managed by an unnamed cloud computing company, compromising at least 100 million customer accounts, according to a release published Wednesday. While there is no indication Thompson attempted to sell this information, she did use stolen computing power to mine cryptocurrencies.

STORY CONTINUES BELOW

Don't miss another story.Subscribe to the Crypto Long & Short Newsletter today. See all newsletters

By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

According to the indictment, Thompson scanned for and misconfigured vulnerable web firewalls to gain access to rented cloud servers. She would duplicate sensitive “buckets of data” onto her own server kept at home, and cover her tracks using the anonymizing TOR browser.

“The object also was to use the access to the customers’ servers in other ways for [her] own benefit, including by using those servers for cryptojacking,” wrote prosecuting attorneys Steven Masada and Andrew Friedman.

Thompson reportedly spoke about her fraud over Slack and Twitter DMs. At one point, Thompson, under an alleged pseudonym, posted messages referring to cryptojacking over a Slack channel.

“I’ll be employed again soon and if I had a partner I could have them take over my cryptojacking enterprise and be a stay at home," one such message read, according to a report by Forbes staffer Thomas Brewster.

Another Slack message read: “For some reason i lost a whole fleet of miners all at the same time, so i think someone is onto me.”

Law enforcement became aware of Thompson’s activity after she shared information on GitHub relating to her theft of information from Capital One’s rented servers. The indictment also cites three unnamed victims including a state agency, a telecommunications conglomerate outside the U.S. and a public research university.

She faces up to 25 years in prison if found guilty of the charges, which include two counts of wire fraud and computer fraud. Additionally, Thompson is asked to forfeit her ill-gotten gains, or equivalent assets if inaccessible or untraceable.

Thompson Indictment by CoinDesk on Scribd

Capital One image via Shutterstock

Capital One News Cryptojacking

Daniel Kuhn

Daniel Kuhn was a deputy managing editor for Consensus Magazine, where he helped produce monthly editorial packages and the opinion section. He also wrote a daily news rundown and a twice-weekly column for The Node newsletter. He first appeared in print in Financial Planning, a trade publication magazine. Before journalism, he studied philosophy as an undergrad, English literature in graduate school and business and economic reporting at an NYU professional program. You can connect with him on Twitter and Telegram @danielgkuhn or find him on Urbit as ~dorrys-lonreb.