Dell SecureWorks researchers have discovered that an estimated $83,000 worth of cryptocurrency was stolen due to the hacking of mining activities associate with several major mining pools, including Ghash, BTCGuild and others. They experienced hundreds of short, “hit and run” hackings between February and May earlier this year.
51 networks from 19 internet service providers (ISPs) were compromised. Unique about these attacks was the fact that the Border Gateway Protocol (BGP) was involved in their execution. With BGP peering, both ends of a network must be manually configured in order to communicate, which is designed to ensure that malicious networks cannot divert traffic without human intervention. In this case, miners attempting to connect to a legitimate pool were rerouted to a pool operated by the hijacker. The researchers assess the threat of repeated such attacks is low.
FX Veteran Hossain-Nelson Joins INFINOX to Ramp Up IX Prime OfferingGo to article >>
The figure of $83,000 is estimated based on activity observed with 5 cryptocurrency addresses associated with the hacker. The figure may be higher due to incomplete data and the possible existence of other hacker addresses not yet discovered.
While this is not biggest hacking of altcoins- around the same period, as much as $2 million worth of Dogecoin were maliciously mined (also researched by Dell SecureWorks)- it may be one of the most diverse. Dogecoin, Worldcoin and Hobonickels are among the coins that have been confirmed to have been taken, but there are likely more.