back to article NiceHash diced up by hackers, thousands of Bitcoin pilfered

Cryptocurrency mining market NiceHash says it has fallen victim to a hacking attack that may have resulted in the loss of its entire Bitcoin wallet. The marketplace, where users can buy and sell their computing cycles to mine cryptocurrency, issued a statement Wednesday afternoon confirming that it had indeed fallen victim to …

Silver badge

Extremely unfortunate but I have little sympathy for those who have thousands of dollars worth of Bitcoin waiting to be paid out, if you're mining enough to be bringing in that kind if amount then you should be experienced enough with cryptocurrency to accept risks like this, and perhaps mitigate your risk by spreading your mining power around a bit.

I've used Nicehash myself in the past but for amount that worked out to at most tens of Pounds a week.

21
2
Anonymous Coward

"NiceHash diced up by hackers, "

Netcraft says it runs Linux. As per usual when something internet facing is hacked.

4
39
Anonymous Coward

As per usual when something is internet facing.

FTFY!

To be fair I'm sure the "their own fault for badly configuring it" excuses will be along in a minute. I just don't get why that excuse cuts no mustard on windows...

8
6
Silver badge

Netcraft says it runs Linux. As per usual when something is internet facing.

FTFY

PS @Anonymous Coward, how's the weather in Redmond today?

22
6
Silver badge

Current situation seems to be a perfect storm of risky exchanges and (relatively) long lead times between asking to sell and the transaction completing.

And I still don't understand what problem a crypto-currency is actually solving for me: the only-slightly-paranoid (and very occasional) purchaser of politics, polemics and handbag-friendly phalli.

9
1

Re: As per usual when something is internet facing.

To late for that kind of FUD. You lost ages ago.

12
0
Silver badge

"And I still don't understand what problem a crypto-currency is actually solving for me"

It doesn't solve any issue unless you're a criminal - then you can make (in theory) untracable transactions. For everyone else its either just a very risky investment vehicle or simply a way of trying to have a finger on the pulse of what they've been told the future will be. Personally I don't think non government cryptocurrencies will ever be big enough to threaten major governments tax income or currencies because if any of them did they'd find themselves the victims of a vicious stuxnet like cyber attack. Bitcoin might be encrypted but even encrypted data can be trashed and made worthless. Do that to enough wallets and its bye bye confidence in bitcoin.

12
4
Silver badge
WTF?

OK, I'll bite

OK, I'll bite. Don't these organizations keep their "main wallet(s)" offline, and only a "working wallet(s)" connected to the internet, and only connect the "main wallet(s)" to the internet periodically and just long enough to sweep coin to/from the working wallet(s) to keep operations working? That would cut down the attack surface for the main wallets. You might even have a pipeline of such mainly offline wallets to pass through for greater isolation of the main wealth. That would pretty much be the cyber coin version of what any normal business would do with conventional accounting/banking practices - compartmentalize the working bank accounts for collecting accounts receivables, paying bills, paying payroll, paying taxes, etc, separate from the accounts for accumulating/investing profits/whatever.

5
0
Silver badge

Re: OK, I'll bite

"and only a "working wallet(s)" connected to the internet, and only connect the "main wallet(s)" to the internet periodically and just long enough to sweep coin to/from the working wallet(s) to keep operations working?"

Iran had its nuclear enrichment facility control systems air gapped. It only took 1 USB stick to let stuxnet loose on it. You think these bitcoin exchanges would do any better? If a powerful nation state wanted to destroy bitcoin or at least make it worthless, then IMO it could.

5
1
Bronze badge

Netcraft says it runs Linux.

Probably find rather than the web server being hacked directly, workers running Windows machine were phished with nasty emails containing the malware that gave entry to their network or credentials needed to steal the BTC.

3
0

>>It doesn't solve any issue unless you're a criminal

Or a gambler.

3
0
Silver badge

"And I still don't understand what problem a crypto-currency is actually solving for me:"

Helps to avoid the law and taxes.

3
1

Re: OK, I'll bite

I am not very block chain savvy but I think you do at least at certain intervals need to sync your wallet with the block chain to keep things current, the longer it's offline maybe the longer the math takes to sync?

Some wallets you need a separate password or private key to cash out or make transfers to other wallets. I wonder how well they protected the keys to the wallet or how many steps they built to make large transactions.

1
1

Re: OK, I'll bite

The US Gov't could crash it simply by dumping the bitcoin they confiscated from Silkroad.

0
0
Bronze badge

Re: As per usual when something is internet facing.

To be fair I'm sure the "their own fault for badly configuring it" excuses will be along in a minute.

The updated info is that one of their employees was phished by email with malware and that was the starting point for the intrusion. No linux servers hacked or badly configured. After lateral movement through the network, the credentials needed to login and move the coins was found.

1
0

Nice of El Reg to give me a shout out in the post. Will be used as bragging rights in the office.

17
0
Anonymous Coward

@Lee1ms

You're going to brag that you've been conned out of $4300? Wierd sense of value you have there!

3
23

Assume he meant "after reader Lee Reeve"...

14
0
Silver badge
Happy

You're going to brag that you've been conned out of $4300?

No, silly, he wishes to brag that he is so efficient that he completes his allocated work by 0930 each day and spends the rest of the day on el reg comments

15
0
Thumb Up

Exactly.

10
0
Silver badge
Facepalm

Entire contents of bitcoin wallet pilfered?

How does the contents of a digital wallet get 'stolen'?

4
0

Re: Entire contents of bitcoin wallet pilfered?

Everything in it gets transferred to some other anonymous wallet. There is no undo button.

18
0
Silver badge

Re: Entire contents of bitcoin wallet pilfered?

Every crypto-ripoff just makes "owning" some bitcoin that much more edgy.

All the cool kids are doin' it...

12
4
Silver badge

Re: Entire contents of bitcoin wallet pilfered?

*checks wallet, sees 0.02 BTC*

Hey everyone, look at me, I'm all edgy!

14
0
Silver badge

Re: Entire contents of bitcoin wallet pilfered?

"

Every crypto-ripoff just makes "owning" some bitcoin that much more edgy.

"

Sure, just like every credit card scam makes owning a credit card that much more edgy. Or a PayPal account. Or cash notes. Or ...

You can keep an encrypted BTC wallet offline on a memory stick (plus a few backup copies) and it's pretty difficult to get ripped off. However if you forget your wallet password or get run over by a bus without letting anyone else know the password, the money is effectively lost.

4
0
Silver badge

Re: Entire contents of bitcoin wallet pilfered?

As I understand it the "money" is never actually in your "wallet" which is in reality just a public/private key pair and a unique address.

The value "in" the "wallet" is determined by scanning the block chain which is essentially a ledger holding all of the transactions since the beginning of time.

So to steal coins from a wallet all you need is access to the public private key of the target wallet and then you can sign transactions on the block chain stating that the victim has authorised the transaction... Once it's done and added to the block chain it's no longer allocated to your wallet so it's gone.

I might be wrong but that's how I understand it.

2
0

Exit scam. "We're down for maintenance" is posted on the front door whilst the admins sneak out of the back with all the coins. This is *exactly* what happened with TradeRoute.

34
0

This was exactly my thought too, perfect exit strategy when the ponzi has hit its peak :)

1
0
Silver badge
FAIL

Mugs game

This is just one of the many reasons why I will never go anywhere near craptocurrency.

34
5
Silver badge

Re: Mugs game

There are more fundamental reasons to avoid them. Law of unintended consequences...

20
1
Silver badge

Re: Mugs game

And how does the energy needed to create BTC compare to the energy needed to create paper notes and coins? Both paper and metal require a LOT of energy to produce, and that's before factoring in the energy needed to print & shape it into notes & coins.

3
3
Silver badge

Re: Mugs game

"This is just one of the many reasons why I will never go anywhere near craptocurrency."

I mined BTC for 12 months a few years back. Then after the price went up a bit I took most of it out and took the family on a nice holiday to USA with the money. Since then the little bit that I left in there has become worth more than I took out to pay for the holiday.

Yeah, real mug, me.

6
0
Silver badge

An updated maxim...

Supposed experts and their Bitcoins seem very easily parted.

18
1
Anonymous Coward

Another

Nice Hash you've gotten me into, Stanley

17
0

Nicehack

3
0
Bronze badge

You seriously had just one wallet.

Well could't you do things like a proper bank and keep peoples money stored in the form of gold bullion... of wait. lol

8
0

As I understand it, sterling isn't supported by gold anymore (Brown sold it all) so the currency is propped up by government bonds. Which are essentially worth nothing more than the computer that tracks them.

And equally, no one's seen the gold in Fort Knox for years either.

Crypto currency ain't that far removed from traditional currency in terms of what underpins them.

1
0
101

Move on, move on, nothing to see here....

...literally.

Poof!

It will be this way until bitcoin dies for good. It's not money, it's not an investment, it's not an asset....it's a stupid computer game, and you can't beat the house.

11
5
Anonymous Coward

Re: Move on, move on, nothing to see here....

What house?

3
0

Re: Move on, move on, nothing to see here....

Our house, of course. And in case you're wondering, it is located in the middle of our street.

24
0

Re: Move on, move on, nothing to see here....

This is Madness!

9
0
Silver badge

Re: Move on, move on, nothing to see here....

"

It's not money, it's not an investment, it's not an asset....it's a stupid computer game, and you can't beat the house.

"

You could say exactly the same about fiat currency. Except the over-production of cryptocurrency does not depend on the whims of a government.

4
3
Anonymous Coward

Re: Move on, move on, nothing to see here....

But everyone does get to vote, at least in some democracies.

0
0
Bronze badge

Re: Move on, move on, nothing to see here....

So, that would be your castle and your keep, would it?

0
0
Anonymous Coward

When you see BitCoin being discussed on Mumsnet ...

you know something is going to go wrong.

11
0
Anonymous Coward

Re: When you see BitCoin being discussed on Mumsnet ...

You realise it's time to get back to work?

21
0

Payout value

I will only continue to use them after this if they lower the payout value

0
0
Anonymous Coward

That's another new Russian 'oligarch' that will be buying a football club - a cheap one, anyway..

3
1
Silver badge

That's just about enough for Aston Villa. And he's welcome to it.

4
0
Meh

Don't understand

I thought the whole point of the block chain was that everyone can (has to) verify that block X went to wallet Y, and therefore the transaction is verifiable.

Surely there ought to be a mechanism to undo that? At least partially, even if there's no roll-back due to other transactions, shouldn't the receiving wallet(s) be marked as criminal and so blocked, etc, by all miners everywhere?

3
1

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017