Company:
Date Published:
Author: Mike Gualtieri
Word count: 3030
Language: English
Hacker News points: None

Summary

The cryptominer campaign targeted the SaaS industry, using cloud infrastructure to mine cryptocurrencies optimized for CPU-based mining. It was active as early as July 2021 and experienced a large uptick in activity throughout 2023 and 2024. Seven repositories were used to download and execute cryptominer binaries on target systems, and the execution stages evolved over time to evade detection. The campaign mined VerusCoin, TideCoin, and SugarChain, with an estimated $6,500 in cryptocurrency mined across the lifetime of all wallets. It is believed to have cost cloud providers upwards of $20,000-$30,000 per month in wasted spend. The campaign used over 3,200 email addresses associated with custom domain names, with a significant portion coming from Microsoft cloud networks.