The Daily Swig Web security digest

NiceHash, no stash: Mining marketplace suffers breach as bitcoin soars

James Walker | 08 December 2017 at 15:56

Top infosec trends in the social media spotlight this week…

As bitcoin continued to break new trading records this week, mining marketplace NiceHash has suspended its operations following a security breach that resulted in around $70 million being stolen from the company.

Issuing an official statement on Reddit yesterday, the company said: “Our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen.

“Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days.”

In the wake of the breach announcement, one Reddit user shared a link to the hacker’s purported Bitcoin address, which shows a balance soaring from zero to 4,655 BTC on December 6.

In a week that has seen the value of a single bitcoin break through the $17,000 mark, some NiceHash users were speculating on whether the hack was an inside job. Many others were lamenting the fact that they lost their money while waiting to reach the minimum payout threshold.

As of 09:00 EST today, bitcoin was trading at around $14,900.

From one security breach to another, Mecklenburg County in North Carolina fell victim to a ransomware attack that took numerous government systems offline this week.

Hackers are thought to have used the LockCrypt malware variant to disable computer systems that collect property taxes, handle building permits, and process jail inmates, among others.

Mecklenburg is North Carolina’s most populous county, with more than one million residents. And while government workers were reported to be resorting to pen and paper to carry out their duties, officials said they were refusing to pay the $23,000 ransom that was being demanded by the hackers:

“I am confident that our backup data is secure and we have the resources to fix this situation ourselves,” county manager Dena Diorio said in a statement on Wednesday. “It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.”

Elsewhere, following the announcement earlier this week that the FBI, Europol, and numerous other cybercrime-fighting organizations had successfully dismantled the havoc-wreaking Andromeda botnet, details have emerged of the arrest of a 33-year-old Belarusian man with close ties to the network.

Andromeda was associated with 80 malware families and, in the last six months, it was detected on an average of over one million machines every month.

While the botnet was said to be built on vast criminal infrastructure, it seems that human error resulted in the arrest of one of the project’s masterminds.

Despite demonstrating apparent expertise in malware development, the participant – named by security firm Recorded Future as Sergey Jarets – is understood to have been identified after it was found that he used the same ICQ chat messaging number across multiple white hat forums.

Finally, multiple outlets this week picked up on the news that a student at the prestigious Tenafly High School in New Jersey managed to hack into the school’s systems in order to change his grades.

Although reported to have been among the best and brightest in the state, the 16-year-old, who cannot be named for legal reasons, apparently feared his academic performance was not good enough for him to gain entry to an Ivy League college.

According to local news reports, a guidance counsellor spotted the doctored transcripts, and the modern-day Ferris Bueller’s college applications have now been recalled.