Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io
Cloud Threat Landscape

USAID cryptojacking incident

Type
Incident
Actors
❓Unknown
Pub. date
January 31, 2025
Initial access
Password attack
Impact
Resource hijacking
Observed techniques
Password sprayingCloud compute cryptojacking
References
https://fedscoop.com/cryptojacking-federal-government-agencies-usaid/
Status
Finalized
Last edited
Feb 2, 2025 7:33 AM

The U.S. Agency for International Development (USAID) was hit by a cryptojacking attack. A global administrator account in a test environment within their Azure subscription was compromised as a result of a password spray attack. The attackers then leveraged the compromised account to create another account, and both were then abused for crypto-mining, resulting in charges of half a million dollars.

Made with 💙 by Wiz

Last Updated: April 3, 2025