Feds say Nebraska man defrauded cloud service providers over $3.5 million to mine crypto

A Nebraska man operated a large-scale "cryptojacking" scheme that defrauded cloud computing service providers out of more than $3.5 million worth of services, the U.S. Attorney's Office said Monday.

Charles O. Parks III, 45, also known as "CP3O," has been charged with wire fraud, money laundering, and engaging in unlawful monetary transactions in connection with the scheme, according to the U.S. Attorney's Office for the Eastern District of New York. Parks was arrested Saturday and is expected to make his initial court appearance on Tuesday.

According to an indictment unsealed on Monday, Parks stole from two well-known providers of cloud computing services in order to mine cryptocurrency — a digital currency that does not rely on a central authority, such as a government or central bank. Prosecutors said Parks acquired over $970,000 in cryptocurrency, which he laundered through cryptocurrency wallets, cryptocurrency exchanges, and bank accounts.

Parker faces a maximum sentence of 20 years for the wire fraud and money laundering charges in addition to 10 years for the unlawful monetary transactions charges, according to the U.S. Attorney's Office.

His arrest is the latest case of cryptojacking, which is also referred to as malicious cryptomining, the U.S. Attorney's Office said. Cryptojacking is a type of cybercrime where a victim's computer, tablet, or mobile device is secretly used to generate cryptocurrency, according to the New Jersey Institute of Technology.

"Criminals are becoming more adept at manipulating digital tools and hiding behind advanced technology, which often causes significant financial damage to their victims," FBI Assistant Director-in-Charge James Smith said in a statement Monday. "The FBI is committed to the steadfast pursuit of those who attempt to develop innovative techniques to commit crimes."

Massive data hack:A medical tech company that handles billions of records was hacked. What you should know.

Indictment: Suspect used cryptocurrency proceeds to fund lavish lifestyle

From around January 2021 to August 2021, Parks created fictitious names, corporate affiliations and email addresses to register numerous accounts with cloud providers and gain access to "immense amounts of computing processing and storage" that he did not pay for, according to the indictment.

"Parks tricked the providers into approving heightened privileges and benefits, including elevated levels of cloud computing services and deferred billing accommodations, and deflected inquiries from the providers regarding questionable data usage and mounting unpaid subscription balances," the U.S. Attorney's Office said.

Parks used these resources to mine various cryptocurrencies, such as Ether (ETH), Litecoin (LTC) and Monero (XMR), the indictment states. He then converted and laundered the proceeds through cryptocurrency exchanges, traditional bank accounts, and a non-fungible token (NFT) marketplace, which is a digital marketplace that facilitates the exchange and creation of NFTs.

By laundering the cryptocurrency proceeds, Parks was able to disguise the audit trail and disassociate the funds from the scheme, according to prosecutors. Parks also "structured various money movements" to evade transaction reporting requirements under federal law, prosecutors said.

After converting his cryptocurrency proceeds into dollars, Parks used the funds to make extravagant purchases, including a Mercedes Benz luxury car, jewelry, first-class hotel and travel expenses, according to the indictment.

New form of cybercrime following rise in cryptocurrency popularity

In recent years, there has been a surge in the popularity of cryptocurrency, which has led to a new form of malware.

"Unlike most other types of malware, cryptojacking scripts do not normally cause damage to victims’ data," according to the New Jersey Institute of Technology. "However, cryptojacking does slow down a victim’s computer and internet connection and can cause battery drain."

Cryptojacking can occur through malicious applications, websites and GitHub, a web-based platform that allows software developers to create, store, and share their code, the university said.

For cloud environments, cryptojacking can result in financial losses for targeted companies or organizations due to incurred compute fees, according to Microsoft. In July 2023, the technology company reported that it observed organizations targeted by cryptojacking attacks incur more than $300,000 in compute fees.

"To perform cloud cryptojacking, threat actors must typically have access to compromised credentials obtained through various means," according to Microsoft.

Federal authorities have also cracked down on numerous cryptocurrency crimes in recent years. In 2019, a former Seattle technology company software engineer was charged with wire fraud and computer fraud and abuse for the intrusion into data of Capital One and more than 30 other companies, according to the U.S. Attorney's Office.

The former software engineer was able to access companies' servers to steal data and computer power to mine cryptocurrency, the U.S. Attorney's Office said at the time.

In 2021, two Iranian nationals were indicted in Missouri after they were accused of conspiring to victimize a technology company to gain access to the company's account on a cloud service, according to the U.S. Attorney's Office. They had installed numerous computer servers in the cloud in order to generate cryptocurrency.