Bitcoin Mining Marketplace NiceHash Hacked: $62 Million Stolen?
A hacker successfully breached cryptocurrency mining marketplace NiceHash, resulting in the theft of up to $62 million worth of bitcoins.
The NiceHash website had gone offline earlier in the day, which the company had chalked up to maintenance. However, the team revealed the true nature of the outage through an announcement posted on the service’s social media channels, confirming users’ worst fears after hours frenzied speculation.
“Unfortunately, there has been a security breach involving NiceHash website,” the company wrote, adding that it was freezing all operations for at least the next 24 hours while it investigated the hack.
“Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken,” the company wrote.
Although NiceHash has not confirmed the number of bitcoins stolen, NiceHash users have circulated a wallet address that suggests that 4,736.42 BTC — worth more than $62 million at the current exchange rate — was drained from the company’s hot wallet.
The company stated that, in addition to an internal investigation, they had contacted the “relevant authorities and law enforcement” and that they are working to “rectify the matter in the coming days.”
In the meantime, they advised users to change all of their online passwords, as it is presently unclear what data the hackers were able to obtain in addition to the stolen funds.
Founded in 2014, NiceHash allows users to buy and sell hashpower through its online marketplace. This way, users can benefit from bitcoin mining without purchasing or operating the equipment themselves. However, as this incident demonstrates, cloud mining services subject users to additional risks versus operating one’s own hardware.
In addition to hacks, cloud mining customers have also fallen victim to outright fraud. Three years ago, the now-defunct company Gaw Miners executed a Ponzi scheme under the guise of its cloud mining service and PayCoin, a proprietary cryptocurrency that Gaw created to perpetuate the scam. Gaw Miners CEO Josh Garza was recently declared liable for more than $9 million in disgorged profits and penalties in connection with the scam.