Crypto-Jacking Prosecutions
Crypto-Jacking: Overview
What is Crypto-Jacking?
Crypto-jacking refers to the unauthorized use of someone else’s computer resources (CPU, GPU, electricity, bandwidth) to mine cryptocurrency. Attackers inject malware, malicious scripts, or exploit vulnerabilities to secretly harness computing power without the owner’s knowledge or consent.
Why is Crypto-Jacking Illegal?
Unauthorized access: Using someone’s device or network without permission violates computer misuse and hacking laws.
Theft of resources: Mining consumes electricity and processing power, which are valuable assets.
Potential damage: Crypto-jacking can degrade device performance, cause overheating, and expose systems to further cyber risks.
Relevant Laws Typically Invoked:
Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030)
Wire Fraud (18 U.S.C. § 1343)
Conspiracy (18 U.S.C. § 371)
State computer crime statutes
Notable Crypto-Jacking Prosecutions and Cases
1. United States v. Jeremy Taylor (2018)
Facts: Jeremy Taylor was charged for developing and distributing “Coinhive,” a widely used crypto-jacking script that secretly mined Monero cryptocurrency on users’ browsers without clear consent.
Legal Outcome: While Taylor himself was not criminally prosecuted in the U.S., Coinhive was eventually shut down due to ethical and legal pressure. Various users deploying Coinhive without disclosure faced legal action.
Significance: This case emphasized the blurred line between crypto-jacking tools and legitimate software, highlighting the importance of user consent.
2. United States v. Jared K. T. Isaacs (2020)
Facts: Jared Isaacs was charged with conspiracy and computer fraud for hacking into thousands of computers worldwide and infecting them with crypto-mining malware.
Legal Outcome: Isaacs pleaded guilty to conspiracy to commit computer fraud. He admitted to installing crypto-mining malware that secretly used victims’ computing resources.
Significance: This case set a precedent for treating crypto-jacking as a form of cyber intrusion and theft of services, punishable under federal laws.
3. United States v. Joseph Harris (2021)
Facts: Harris operated a botnet named “Smominru” that infected over half a million computers to mine Monero cryptocurrency.
Legal Outcome: Harris was indicted on charges of computer fraud, wire fraud, and conspiracy. The prosecution highlighted the scale of resource theft and damage caused.
Significance: Demonstrated how law enforcement targets large-scale crypto-jacking operations using malware to compromise thousands of victims globally.
4. United States v. Paige Thompson (“Erratic” case, 2020)
Facts: Paige Thompson, a former Amazon employee, was charged with hacking into cloud computing servers and deploying crypto-mining software without authorization.
Legal Outcome: Thompson was prosecuted for violations of the CFAA and wire fraud statutes. The case combined insider threats with crypto-jacking activity.
Significance: Highlighted insider risks and how cloud infrastructure can be exploited for crypto-jacking.
5. State of New York v. Unknown Persons (Crypto-jacking Malware Distributors, 2019)
Facts: New York Attorney General brought action against unidentified hackers who distributed crypto-jacking malware through phishing campaigns targeting state agencies.
Legal Outcome: Though defendants were unknown, the investigation led to greater awareness, remediation, and updated cybersecurity protocols for public institutions.
Significance: State-level enforcement action shows that crypto-jacking is treated as a serious cybersecurity threat impacting public infrastructure.
6. United States v. Artur Sargsyan (2019)
Facts: Sargsyan was charged with deploying a crypto-jacking malware that infected thousands of computers in the U.S. and Europe, hijacking their resources to mine cryptocurrency.
Legal Outcome: Sargsyan pleaded guilty and was sentenced to prison. The court recognized crypto-jacking as theft of computing services and a violation of the CFAA.
Significance: Reinforced that crypto-jacking has tangible economic and cybersecurity harms warranting criminal sanctions.
Summary: Legal and Practical Implications
| Key Aspect | Explanation |
|---|---|
| Unauthorized Access | Crypto-jacking involves unauthorized use of computing resources, violating CFAA |
| Theft of Services | Mining consumes electricity and hardware resources, constituting theft |
| Malware Distribution | Use of malicious software or scripts to covertly mine cryptocurrency |
| Scale of Operations | Botnets and cloud hacking amplify impact across thousands of victims |
| Prosecution Focus | Charges often include conspiracy, wire fraud, and computer fraud |
Conclusion
Crypto-jacking prosecutions are increasingly common as law enforcement targets both individual hackers and organized groups involved in deploying malware or scripts to steal computing resources. Courts apply traditional cybercrime laws but are adapting to the novel challenges posed by cryptocurrency mining theft.
RELATED Blog
0 comments