News / NiceHash data breach: Hackers steal more than $62 million in Bitcoin
NiceHash data breach: Hackers steal more than $62 million in Bitcoin
7 December 2017 |
NiceHash, a popular cryptocurrency marketplace, recently announced that its payment system was compromised, resulting in the loss of Bitcoin wallet value worth millions of dollars.
Suspected hackers stole more than $60 million in Bitcoin value from customers' Bitcoin wallets after compromising a payment system run by NiceHash.
In a press release on Wednesday, NiceHash confirmed the breach but said that it was yet to work out the precise amount of Bitcoin stolen from customer wallets. At the same time, the marketplace didn't confirm exactly how many customers were affected but said it is conducting a detailed investigation on the breach.
'Unfortunately, there has been a security breach involving NiceHash website. We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours. Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken,' said NiceHash.
'Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days. In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency. We are fully committed to restoring the NiceHash service with the highest security measures at the earliest opportunity,' it added.
According to CoinDesk, hackers stole as much as many as 4,736.42 Bitcoin from NiceHash customer wallets which is equivalent to more than $62 million at current prices. The value of Bitcoin crossed $15,000 recently and as such, this is the best time for hackers and cyber thieves to steal as many Bitcoin as they can.
NiceHash has asked all customers to change their wallet passwords as a precaution but Tyler Moffitt, Senior Threat Research Analyst at Webroot, believes that people who use NiceHash's services for mining cryptocurrency should always have payouts trigger at the smallest amount and that the firm should do more to secure the security around customer wallets.
'This is devastating news for those in the mining community. NiceHash is a fantastic way for those who use just their personal computers or small mining farms to still get consistent payments by pooling together their hashing power.
'This hack is a lesson for the community to ensure that when mining for a pool, to always have payouts trigger at the smallest amount. Even though there are fees associated with using the minimum payout, having the amount sitting in the mining pools wallet is risky.
'It doesn’t take much for mining pool operators to keep these types of wallets secure. If you don’t, this is what can happen. It will be a huge uphill battle for NiceHash to overcome this breach as it's very damaging to its brand,' he said.
This isn't the first time that cyber thieves have targeted cryptocurrency websites to steal large amounts of money in Bitcoin. Back in July, a hacker managed to steal $7.4 million in cryptocurrency by hacking into CoinDash, a trading platform, during an Initial Coin Offering.
'It is unfortunate for us to announce that we have suffered a hacking attack during our Token Sale event. During the attack $7 million were stolen by a currently unknown perpetrator. The CoinDash Token Sale secured $6.4 million from our early contributors and whitelist participants and we are grateful for your support and contribution,' said CoinDash in a statement.
Latest posts by Jay Jay (see all)
- Hackers use Triton malware to compromise critical safety systems at Schneider Electric - 14th December 2017
- New polymorphic malware caught evading antivirus solutions to disrupt businesses - 14th December 2017
- FCA mandates banks to reveal all security incidents from next year - 14th December 2017
- Hackers breach Anthony Gold Solicitors’ email accounts, launch phishing attacks - 14th December 2017
- One-third of UK organisations have no formal data-cleansing processes as yet - 14th December 2017