NiceHash has temporarily ceased operations following a security breach in which a criminal gained unauthorized access to its Bitcoin wallet.
The trouble started on 6 December when users of NiceHash, a service which enables people to exchange computing resources known as hashing power to mine for Bitcoin and other cryptocurrencies, began reporting that they had been kicked offline while mining. Some even reported seeing their balances drop to zero, reports Business Insider.
Shortly thereafter, NiceHash announced that its service was undergoing maintenance.
Dear NiceHash users,
we are very sorry for the inconvenience caused. Our team is working hard to resolve the issues on the service, it might take longer than expected. We'll keep you updated!
— NiceHash (@NiceHashMining) December 6, 2017
It took the company less than a day to reveal that it had suffered a security breach.
At the time of publication, NiceHash’s website is still unavailable. It displays only a statement in which the service’s administrators explain how the service will remain offline for 24 hours while they work to determine how many Bitcoins the attackers stole from the site’s wallet. The admins also provide additional information about how they’re working to resolve the hack:
“Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days. In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency.
We are fully committed to restoring the NiceHash service with the highest security measures at the earliest opportunity.”
NiceHash does not provide any estimates as to how many Bitcoins it thinks the criminal stole. However, CoinDesk reports users are circulating a Bitcoin wallet address that might belong to whoever is responsible for the breach. If the criminal does own that address, they successfully made off with 4,736 Bitcoins worth more than $72 million at the time of this writing.
While it works to figure out what happened and “find the appropriate solutions for the future of the service,” NiceHash is urging users to change their online passwords in case the attackers compromised them. Members can find helpful tips on how to create a strong password here.
News of this breach follows just a few months after a hacker stole more than US $30 million worth of Ethereum cryptocurrency tokens by abusing a vulnerability affecting a wallet client.