Alleged “Cryptojacker” Indicted
SHARE

Alleged “Cryptojacker” Indicted

Prosecutors_accuse_Joshua_Paul_Armbrust_of_the_new_crime_of_cryptojacking

Prosecutors accuse Joshua Paul Armbrust of the new crime of “cryptojacking”-- using his employer’s computer resources to mine Ethereum. Photo credit: LinkedIn.

Cryptojacking is what federal officials are calling the illegal practice of using someone else’s network resources without permission to mine cryptocurrency, such as Bitcoin and Ethereum.

Using Former Employer’s AWS Account

Armbrust resigned from his job at Digital River, a Minnetonka, Minn.-based global e-commerce and payment processing company in February 2020, prosecutors say.

After leaving his job, Armbrust allegedly engaged in a cryptojacking scheme between December 2020 and May 2021. As part of that scheme, he used his former company’s resources to mine Ethereum cryptocurrency by leveraging the company’s hardware, say prosecutors. Prosecutors also say that led to reduced system performance for his employer.

As part of the scheme, Armbrust remotely accessed the company’s Amazon Web Services (AWS) account on multiple occasions without authorization and utilized AWS computers to mine Ethereum cryptocurrency, according to an indictment obtained by The Daily Muck.

Joshua_Armbrust_used_$45000_in_his_former_employers_resources_to_mine_$7000_in_crypto_for_himself
Joshua Armbrust used $45,000 in his former employer’s resources to mine $7,000 in crypto for himself, according to an indictment obtained by The Daily Muck.

This unauthorized access resulted in substantial costs for the company, totaling over $45,000. Prosecutors further allege Armbrust transfered the mined Ethereum into a digital wallet and transferred it to two Coinbase accounts registered solely in Armbrust’s name.

Armbrust then liquidated the mined Ethereum, totaling over $7,000, and moved the proceeds to his Wells Fargo banking account.

Early Morning Raid

After an initial investigation, the FBI raided Armbrust’s home was raided on the morning of April 2023. A team of 15-20 agents, accompanied by an electronics-sniffing dog from the Hibbing Police Department, executed a search warrant at his home along Hwy. 23, about five miles north of Orr, according to information provided by local newspaper The Timberjay.

Armbrust’s Response

When asked about the arrest, Armbrust responded via e-mail to The Timberjay:

“I can’t comment on the case itself, but I’d like to comment on the unnecessarily aggressive means by which I was brought in. The FBI showed up early in the morning (maybe 6-ish) and surrounded my house with cars and high-powered rifles. They knew I was no threat and that I was not by any means a violent person. I would have come in of my own will without the need to point guns at me and my wife. They make a big show and love to show their power. The incident I’m being accused of is also non-violent. I have no history of anything, not so much as a parking ticket.”

Defense attorneys question the government’s allegations that Armbrust’s actions caused damage to network resources, according to a defense memorandum obtained by The Daily Muck.

In_a_recent_development_in_the_case_the_defense_asks_prosecutors_to_quantify_exactly_how_Joshua_Armbrusts_actions_damaged_his_employers_computers
In a recent development in the case, the defense asks prosecutors to quantify exactly how Joshua Armbrust’s actions damaged his employer’s computers, another allegation that was included in the indictment.

How to Protect Your Business from Cryptojacking?

People “mine” cryptocurrency by allocating computer resources to validating cryptocurrency transactions.

In most cases, home computers are not sufficient to effectively mine cryptocurrency for a profit. Additionally, cryptomining is energy-intensive, requiring the output of the average U.S. residence over six to seven years in order to yield one Bitcoin, according to a report by TokenTax.

But your business could be susceptible to cryptojacking attempts if it manages a large amount of network resources that would be lucrative to potential cryptojackers.

Monitoring network activity is the most effective way you can detect and deter cryptojacking.This includes cloud computing systems like AWS. Large and unknown network transactions could be unauthorized activity like cryptojacking.

Furthermore, consider minimizing the number of employees that have access to computer resources to as few as possible. As employees leave your company, ensure that network administrators revoke their access to your systems so they cannot use them remotely.

Strahinja Nikolić
Born in Belgrade, raised to love sports, fell for rock and roll. Curious by nature, loves to dig, research and make those who deserve it nervous.
If you spot an error in any of our articles, please contact us at
Email
And we will look into it.

Weekly Muck

Join the mission and subscribe to our newsletter. In exchange, we promise to fight for justice.

By signing up, you confirm that you are over the age of 16 and agree to receive occasional promotional offers for programs that support The Daily Muck’s journalism. You may unsubscribe or adjust your preferences at any time. You can read our Privacy Policy here.

Weekly
Muck

Join the mission and subscribe to our newsletter. In exchange, we promise to fight for justice.

By signing up, you confirm that you are over the age of 16 and agree to receive occasional promotional offers for programs that support The Daily Muck’s journalism. You may unsubscribe or adjust your preferences at any time. You can read our Privacy Policy here