lolloj - Fotolia

Hackers steal nearly $80m in bitcoin

Hackers have stolen nearly $80m worth of bitcoin from a bitcoin mining service as the cryptocurrency’s value continues to skyrocket

Cyber criminals have stolen around 4,700 bitcoin from Slovenian bitcoin mining and exchange service NiceHash, which brokers spare compute power to groups mining for new bitcoin.

The value of the cryptocurrency has been on a steep, uninterruped ascent since September 2017, rising from $3.780 to more than $16,000 in less than three months. At the current valuation, the NiceHash hackers managed to make off with $78.35m after accessing the company’s systems.

According to NiceHash, the hackers – believed to be from outside the EU – accessed the company’s systems around 00:18 GMT on 7 December and began stealing bitcoin three and a half hours later, reports the BBC.

This is the latest in a string of cryptocurrency heists in the past year, and security researchers are predicting that the trend will only intensify in the coming year. NiceHash is working to recover the stolen bitcoin in collaboration with local and international authorities, chief executive Marko Kobal said in an appearance on Facebook Live.

He said an employee’s computer had been compromised in the attack and that a forensic analysis of the attack underway. The bitcoin industry has become one of the top 10 industries most targeted by distributed denial of service (DDoS) attacks, according to a newly released report by Imperva.

Igal Zeifman, director at Imperva Incapsula and author of the report, said the large number of attacks on bitcoin exchange sites is a clear example of DDoS attackers following the money. “As a rule, extortionists and other cybercriminals are commonly drawn to successful online industries, especially emerging ones that are less likely to be well-protected.

“Attackers can make a lot of money when attacking crypto exchanges due to factors such as the anonymity of the cryptocurrencies, hence the ability to ‘get rid’ of the stolen goods with limited risk,” he said.

Read more about cyber heists

  • Cyber heist hits banks in Russia and eastern Europe.
  • $81m cyber heist highlights gap between attacker and defenders, says Swift.
  • Swift warns banks of fresh wave of cyber heists.

According to Imperva’s latest DDoS report, 73.9% of all bitcoin exchanges and related sites on the Imperva Incapsula service were attacked in the third quarter of 2017.

“The DDoS attacks we mitigated could have been attempts to manipulate the price of bitcoin and other cryptocurrency, something we know offenders have tried in the past,” said Zeifman.

As the bitcoin value continues to soar, its attractiveness to attackers – both at a criminal and nation state level – will increase in proportion, according to Richard Ford, chief scientist at security firm Forcepoint.

“While the bitcoin valuation is incredibly tantalising, investors need to recognise that cryptocurrencies are not magic – they can be stolen just like regular money, and are comparatively easy to launder.

“Users and companies need to take precautions commensurate with the value of the asset they are protecting, implementing not only traditional security but also watching out for malicious insiders or compromised third-party partners  who have access to a vast pool of liquid assets. “We are just seeing the beginning of these attacks – there will be many more to come in 2018,” he said.

Since 2011, more than 980,000 bitcoins have been stolen from exchanges, which would be worth more than $15bn at current exchange rates, according to Reuters, which notes that few have been recovered, leaving some investors without any compensation.

“These exchanges are not in my opinion secure,” Gartner security analyst Avivah Litan told Reuters. “You don’t know what their security is like behind the scenes,” she said.

Read more on Hackers and cybercrime prevention

Data Center
Data Management