The cryptocurrency mining firm Nicehash reportedly lost $64 million worth of bitcoin by hackers. This is what Nicehash had to say to its customers following the hack:
“Your bitcoins were stolen and we are working with international law enforcement agencies to identify the attackers and recover the stolen funds. We understand it may take some time and we are working on a solution for all users that were affected.
“If you have any information about the attack, please email us at [email protected]*. We are giving BTC rewards for the best information received. You can also join our community page about the attack on reddit.“
Nicehash claims to be hard at work with the international police in order to retrieve the stolen funds. Angry customers vowed never to return to Nicehash unless their funds were returned in full. Following the ongoing 2-week long investigation, it was revealed that the chief of technology of Nicehash, Matjaž Škorjanc, was sentenced to more than 4 years in prison for creating the malware that helped build the Mariposa botnet. Mariposa was discovered in 2008. Before being dismantled in 2009. it infected 1 million computers, making it the largest botnet in history. Mariposa, or Butterfly as it was often called, enabled even the most amateurish cyber criminals to gather data from infected computers across the globe. Its confirmed potency included email-spams, theft of personal data, changing search results to a browser to display ads, and denial of service attacks.
Skorjanc was known to the online community under the nickname Iserdo, which in turn was the administrative account for the cybercrime forum Darknode. Skorjanc sold Mariposa to Darknode’s users at prices ranging from $500 – $2000 a kit. Purchasers of these kits used Mariposa to steal credit card numbers and account passwords. Darknode was eventually shutdown by US law enforcement agencies in 2015.
With such a notorious past, it is not difficult to wonder why victims of the Nicehash hack begin to question Skorjanc’s involvement in this loss. In his recent interviews, Skorjanc states that he isn’t involved in the disappearance of 4,000+ bitcoin.
The investigation is still ongoing. Because bitcoin transactions are available to public, the victims are carefully each transaction to take note of the funds’ movement. According to Krebsonsecurity, “the NiceHash hackers used a virtual private network (VPN) connection with a Korean Internet address, although the source said Slovenian investigators were reluctant to say whether that meant South Korea or North Korea because they did not want to spook the perpetrators into further covering their tracks.”
Following BTC’s surge, North Korea has doubled its efforts on stealing, phishing and extorting bitcoins. “North Korean hackers targeted four different exchanges that trade bitcoin and other digital currencies in South Korea in July and August, sending malicious emails to employees, according to police,” CNN reported.