NiceHash has announced on their official reddit page that the NiceHash payment system was compromised and all the bitcoin stored in their wallet has been stolen. They are still working to know the precise number of bitcoin but sources have told that around 67 million dollars worth has been stolen. The company has already reported this matter to the relevant authorities and working to restore the NiceHash service with highest security measure at earliest opportunity.
Here is the hacker BTC address and he is already owner of 4700+ bitcoins which is around 67 million dollars in today’s money. However, one reddit user has summed up the entire incident as inside job.
If you ran a service like this you wouldn’t keep all your BTC on the web server or any live server. You’d move just enough to handle the current outgoing payments and I would HOPE that if they all of a sudden saw all their users request to empty their wallets to one BTC address they’d go ‘hmmmm’. Can anyone tell me a reason why they would keep all their BTC vulnerable like that?
The way I would run it is:
1.Users Mine -> Send BTC to a wallet
2.Periodic Sweeps to a temporary wallet to handle daily payouts
3.Daily sweep to move excess coin to a secure offline wallet
4.If a big sell order comes in, have a person literally go get a hardware wallet and load enough coin to cover it. This isn’t a high frequency trading thing where coins have to be available 100% of the time.
5.Have an insurance policy that covers the max amount of daily sweeps so if you DO get hacked, you can cover that day’s losses.
At no time ever ever does the entire wallet contents for the company get put in one place on line. If they did this, could they still get hacked? Only a little and it’d be recoverable I think. Am I wrong? In any case, RIP coffee money fund.
Did you loose money? Do you think it was an inside job?
December 7, 2017
| Bitcoin News