It is quickly becoming a regular occurrence that a crypto exchange or wallet is hacked and unsuspecting users see their Bitcoins plundered. Yesterday, NiceHash had not so nice news as approximately $70 million in crypto was stolen.
In a painful tweet, NiceHash shared the news;
Here is our official PRESS RELEASE about the security breach!https://t.co/yhfdjXkJwc
— NiceHash (@NiceHashMining) December 6, 2017
NiceHash said they were investigating a security breach as their payment system had been compromised. All of the contents of the NiceHash Bitcoin were stolen.
NiceHash stated;
“Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days. In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency. We are fully committed to restoring the NiceHash service with the highest security measures at the earliest opportunity.”
NiceHash suggested users update their passwords, a recommendation that was of little solace for individuals who lost millions of dollars in cryptocurrencies.
Evgeny Vigovsky, COO of Saifu which is a regulated financial institution that operates in the same space as NiceHash ( and is licensed by the Czech National Bank), commented on the hack;
“The rise of cryptocurrency rates has increased interest and investment in the development of targeted hacker attacks. Many services were not ready for this, because they were not initially designed with security in mind. When users decide where to store their cryptocurrency savings, it always carries risk. For many cryptocurrency exchanges, such as NiceHash, should hackers attack the service and steal the wallet key, users could lose all their money. Furthermore because the service provider doesn’t hold a record of passphrase, users have no means of recovering the wallet or money. All this greatly discourages would-be users.
To avoid these types of issues, we should take safety very seriously on all levels, from the design of the system itself, to processes and regulations. Both financial IT/Security and financial audits with a licence is necessary. Users should take into account what attitude a service has toward security: what tools are used (hw/sw), processes, certification/licenses, how transparent it is or just “Advanced” protection.”
NiceHash, the Largest Crypto-Mining Exchange, Hacked—Stolen Bitcoins ($58 Million At the Time of Theft) Now Worth Over 70 Million in Less than 24-Hours.https://t.co/vIIWoYiiDf
There can be no better reason for hackers than this. pic.twitter.com/FY97zXBxV4
— The Hacker News (@TheHackersNews) December 7, 2017