NiceHash Breach

December 10th, 2017 by admin Leave a reply »

The cryptocurrency mining marketplace NiceHash mentioned that its payment system had been affected by data breach. Contents of its Bitcoin wallet were stolen.

Company didn’t mention the number of bitcoin affected but according to Reddit, the hacker bitcoin address has 4,736 Bitcoin which values $83 million.

“Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days,” the company said in a statement. “In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are cooperating with them as a matter of urgency.”

Company has temporarily stopped operations.

Webroot senior threat research analyst Tyler Moffitt mentioned email that the breach should serve as a reminder to the mining community that when mining for a pool, it’s always best to have payouts trigger at the smallest amount. “Even though there are fees associated with using the minimum payout, having the amount sit in the mining pool’s wallet is risky,” he said.

Cybercriminals targeting cryptocurrencies has increased. Imperva’s Global DDoS Threat Landscape Report shows that 73.9 percent of all Bitcoin exchanges were attacked by DDoS method.

“As a rule, extortionists and other cybercriminals are commonly drawn to successful online industries, especially emerging ones that are less likely to be well-protected,” Imperva security evangelist Igal Zeifman said by email. “Attackers can make a lot of money when attacking crypto exchanges due to factors such as the anonymity of the cryptocurrencies, hence the ability to ‘get rid’ of the stolen goods with limited risk.”

Recorded Future report also reported a rapid spike in mining malware.

“Our research has confirmed that cybercriminals are shifting attack vectors from highly damaging ransomware infections to long-term, low-velocity crypto mining operations,” the report states.

The researchers also found out that there are sixty two different types of cryptomining malware available for sale online.

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra.

Leave a Reply