Not long ago there was a major scandal when the electronic wallet of NiceHash, one of the largest mining marketplaces, was emptied. The price of bitcoin is growing like the hero of the old Russian tales: not by the day, but by the hour. Very tasty prey, isn't it?
It so happened that the fallout from this "big bang" reached me personally, as well as the clients of my company, which also works in information security. Many of them are now worried about protecting their funds and are asking what happened. So I think a short analysis is in order.
The NiceHash case is not the first of its kind. Mining services and wallets have been attacked before. Among the recent major incidents, it is enough to recall Genesis Mining and Parity and look at how they came out of the situation.
What allowed Genesis Mining not to lose customers after
It is difficult to find cyber attackers, and almost impossible to recover what was stolen. Most often you have to wait for the hackers to make a mistake somewhere, and hope that they do. Nevertheless, Genesis Mining weathered quite a scandal.
In June 2017, Genesis Mining discovered unauthorized access to a hot wallet, but was unable to prevent the funds from leaking out. Although the amount stolen was not disclosed, it is an impressive sum.
According to Genesis Mining, users' personal data, including email addresses, remained intact and safe, and the company does not store credit card data. The incident itself had no effect on mining operations. Most importantly, the cloud mining service is compensating its customers for the damage caused, up to repayment of the amount owed.
As for me, Genesis Mining is a vivid example of how good communication with customers and a fast reaction help preserve a company's reputation.
How Parity coped with the attack
Although Bitcoin is currently the most profitable cryptocurrency in the long run, and therefore the most attractive one for hackers, Ethereum miners also took a hit.
At almost the same time as the Genesis Mining incident, an attack was carried out on Parity, the Ethereum wallet.
The vulnerability was found in the library, which is responsible for the operation of the smart contract used by multi-signature wallets.
This bug made it possible to turn the vulnerable library into a wallet and then become its owner. That is exactly the prank pulled by a user with the nickname Devops199. The prank cost 513,774 ETH (according to the official report) held in 517 blocked wallets.
If you believe the newly minted hacker himself, everything happened by accident. After gaining control, he issued the command to self-destruct the contract. This, in turn, put a large number of wallets out of action and blocked all the funds in them. So the (supposed) newcomer "executed" 334,466,874 dollars (at the time of writing).
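The failure mode described above can be reproduced in a small state model. This is an added example, not code from the original article or from Parity; the class and method names, the balances, and the guard in the hardened variant are assumptions made for illustration.

```python
# Toy model, constructed for illustration: a shared library contract that
# many multi-signature wallets rely on. All names are hypothetical.

class WalletLibrary:
    def __init__(self, guarded):
        self.guarded = guarded      # True = hardened variant (assumed fix)
        self.owner = None           # nobody owns the library at deployment
        self.destroyed = False

    def init_wallet(self, caller):
        if self.guarded:
            raise PermissionError("the library itself cannot become a wallet")
        if self.owner is not None:
            raise PermissionError("already initialised")
        self.owner = caller         # first caller becomes the owner

    def kill(self, caller):
        if caller != self.owner:
            raise PermissionError("only the owner may self-destruct")
        self.destroyed = True


class Wallet:
    def __init__(self, library, owner, balance):
        self.library, self.owner, self.balance = library, owner, balance

    def withdraw(self, caller, amount):
        # Every wallet operation runs the library's code.
        if self.library.destroyed:
            raise RuntimeError("library code is gone, funds are blocked")
        if caller != self.owner or amount > self.balance:
            raise PermissionError("not allowed")
        self.balance -= amount
        return amount


def blocked_funds(guarded):
    """Return the total balance left unreachable after an outsider's calls."""
    lib = WalletLibrary(guarded)
    wallets = [Wallet(lib, "alice", 100), Wallet(lib, "bob", 250)]
    try:
        lib.init_wallet("outsider")   # library turned into a wallet
        lib.kill("outsider")          # its new owner self-destructs it
    except PermissionError:
        pass                          # hardened variant rejects the first call
    blocked = 0
    for w in wallets:
        try:
            w.withdraw(w.owner, w.balance)
        except RuntimeError:
            blocked += w.balance
    return blocked
```

In the unguarded variant the wallet owners did nothing wrong and still lose access, because the code their wallets depend on no longer exists.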
The reaction of the wallet's creators is rather questionable. They reported that white-hat hackers had already begun working on the problem and recommended that users move their savings to safe storage. And as a solution, they found nothing better than a hard fork.
Which, of course, not everyone liked.
And in their official report, published on November 15, 2017, they even said that they had known about the bug since August but had not had time to fix it. Hmm, a very costly delay.
Recently, attacks have become noticeably more frequent: for example, attackers tried to attack Parity twice in one week. The problem is that it is rather difficult to track down unauthorized transactions, and no one has yet been able to return the lost ether, except for Vitalik Buterin, creator of the Ethereum platform.
How NiceHash lost $70 million
According to users of the service, the amount NiceHash lost has already reached $70 million and is rapidly growing in dollar terms. The official website of the service has been frozen for several days, although the owners promised to deal with the problems within 24 hours of the robbery.
NiceHash did not hide the hacker attack: on the day of the incident, a statement about the hack was published on its official Facebook page, in which the company urged users to change their passwords and asked all concerned cybersecurity experts to join the investigation. A reward in bitcoins is even promised for help.
In addition, international law enforcement agencies were involved in the investigation.
Then came interviews with the general director Marco Kobal and live broadcasts, with promises to bring the service back into operation and to return the stolen bitcoins too. Communication with affected clients is already a big plus. But the victims need their money, not talk. And of course, conspiracy theorists accusing NiceHash itself of the theft crawled out from everywhere.
Does it make sense to destroy the goose that lays the golden eggs?
NiceHash has earned itself a name trusted by hundreds of thousands of miners. You can see this from the company's profits.
Reading the comments with conspiracy theories about how the company's owners left for Cuba with money they “stole from themselves”, I am surprised. The logic is really simple: the company collects a commission of 2-4% per transaction, plus other sources, which gives about $50 thousand of income per day. The question arises: does it make any sense for the company to “steal” an amount that it can easily earn in two months, compromising itself in the eyes of users?
And I am not saying this as someone for whom it is “none of my business”, but as someone whom the situation has also affected, and quite noticeably. I am not particularly worried now, because the reputation of a player like NiceHash is worth much more than what was stolen.
How to protect yourself from theft?
Sadly, the answer is disappointing: you can't.
Cryptocurrency is quite risky in itself. And given its current rise, it has also become an object of close attention from hackers.
No one is immune from these attacks. You can lose millions even because of a vulnerability that was not considered critical (hello, NiceHash). You can use the latest methods of protection, but some clever "bad guys" will still find a loophole in them. So there will always be an element of risk. But we all know who never gets to drink champagne. As for what measures to take:
- withdraw money from pools as often as possible
- use the services of proven companies with
As for the rest: whoever takes no risks earns nothing on Bitcoin.