Cryptocurrency is making headlines right now. Perhaps this is because of the increased value of cryptocurrency in the past few months. Lots of people are trying to get in on it now, I’m sure. But it’s now making headlines because of a breach where some bitcoin disappeared. When I say some, I mean tens of millions of dollars worth of bitcoin. Slovenia based NiceHash (cryptocurrency marketplace) connects miners, or people selling their hashing/computer power, with people willing to pay for that power. Andrej P. Škraba, the marketplace’s head of marketing, told Reuters that the company was targeted by “a highly professional attack” that involved “sophisticated social engineering.” He also revealed that the infiltrators got away with 4,700 bitcoins — or around $64 million.
When NiceHash discovered this breach, they posted an announcement to Reddit and their website indicating that they were pausing all operations for the next 24 hours in order to investigate the incident. What did the post say exactly? Mostly, that the company’s payment system had been compromised. Further, they are working with authorities in addition to conducting their own investigation. But that is all the information we have.
CEO Marko Kobal and Co-founder Sasa Coh appeared on a Facebook Live stream in order to address users concerns. What’s interesting about the live stream is that viewers were suspicious of Kobal and Coh. Some indicated that they looked guilty and suggested an inside job. But why would they do something like that? Is there anything to gain (other than money) from this? During the live stream, Kobal said that they were a target and that someone really wanted to bring them down.
Both law enforcement and cybersecurity experts are working with NiceHash in order to figure some things out. To start, they are trying to pinpoint the total amount of cryptocurrency that was stolen, and how the system was compromised. Kobal indicated that “about” 4,700 bitcoins were stolen on December 6th and that the hacker (or a group of hackers) had an IP address outside of Europe. The hackers were able to obtain the credentials of a NiceHash engineer and then used them to access the payment system.
This is all really suspicious because bitcoin soared past $19,000 yesterday. According to Kobal, the attack was highly sophisticated. Of course, people are going to be upset as they may have lost money. And yes, you have to look at Kobal and Coh from a blame perspective. But it’s hard to put this on them directly, isn’t it? As in, it’s hard to suggest that this is an inside job without further evidence.
If it is an inside job, then this isn’t good for Kobal and Coh. If it’s an outside job, this isn’t really good for them either. With the second scenario, it makes it look like they can’t manage the portfolio and they have a poor security system. Could it be someone affiliated with the marketplace? Possibly. There are many possibilities as to who this could actually be. At this point, it’s a wait and see kind of scenario until we find out for sure.