Hackers may have gotten away with £51 million worth of bitcoin after a cyber-attack hit the cryptocurrency mining platform NiceHash. The attack was highlighted on Twitter and Reddit with users saying they could lose hundreds of dollars.
NiceHash lets people offer computing capacity for bitcoin miners to mine digital currencies. Cryptocurrency miners work out complex mathematical equations to add cryptocurrency transactions to decentralised public ledgers called blockchains.
The mining marketplace said that its service was undergoing “maintenance” on Twitter and that it was working hard to resolve issues affecting the site. NiceHash said in a statement that it was “investigating the nature of the incident” and they were closing the site for a day.
NiceHash was unsure how much had been taken in the hack but users pointed to a Bitcoin wallet that had been stolen that did in fact turn out to contain the stolen amount which was £51 million as confirmed by Andrej P. Škraba, head of marketing at the firm.
This wouldn't be the first time people have lost millions in cryptocurrency. In November, millions of pounds worth of Ethereum were "accidentally" frozen on the cryptocurrency wallet provider Parity after a user "suicided" the wallet, deleting its code and freezing all ether tokens contained within.
Javvad Malik, security advocate at AlienVault emailed SC to comment, “Cryptocurrencies are rapidly increasing in value, making them an interesting investment opportunity for many. Unfortunately, this success attracts criminals. Coupled with the fact that cryptocurrencies do not have stringent regulatory or compliance checks, security is left in the hands of the cryptocurrency platform developers – often leading to lax security controls that can be bypassed.”
Tristan Liverpool, director of systems engineering, F5 Networks adds: “At a time of widespread uncertainty and distrust in many areas of the digital economy, Blockchain's central promise of ultra-secure measures for certainty and authenticity is an incredibly compelling proposition. However, for many experts, Blockchain continues to have a range of limitations. Analysis from the Open Data Institute (ODI) has highlighted a range of potential security stumbling blocks, including interoperability, privacy issues and the need to find information within the Blockchain”.
“In addition, many application developers are still failing to write APIs with security embedded, which puts both the application and the underlying data at risk. Better code means better confidence as the need for greater transparency, combined with emerging business models built on blockchain technology, will drive more organisations to safeguard data and improve overall application security standards.”
“Users of Bitcoin should be well advised to do their due diligence before making investments. Having a secure and versatile application program interface (API) will give users complete control and flexibility over the performance and integrity of vital applications. In the wake of recent high-profile breaches, now is the time for users to protect their passwords and be vigilant with on-line behaviour.”