Just as bitcoin trading hit record highs this week, hackers made off with nearly $70 million from a major cryptocurrency-mining service NiceHash. The Slovenia-based company announced the security breach on its Facebook page Wednesday afternoon and stopped operations for 24 hours.
Here’s everything we know so far in the days following the attack:
The NiceHash hack is the 4th largest breach in cryptocurrency history
Although the exchange rate for Bitcoin is still trading at an all time high at a whopping $15,400, other crypto thefts were much more detrimental when converting the exchange rate at the time of the theft, cryptocurrency research website CoinGecko co-founder Brian Ong told MONEY.
The largest cryptocurrency hack occurred in February 2014, when hackers stole approximately $450 million from Mt. Gox, a bitcoin exchange based in Tokyo that handled 70% of all bitcoin transactions at the time of the hack. Wired reported the Mt. Gox hack occurred due to a flawed system for securing software and shady business practices. The company CEO allegedly spent over $1 million on renovating a café in company headquarters while the business was “falling apart.”
The hacker likely wasn’t in Europe
NiceHash’s head of marketing Andrej Skraba told Reuters it was “very probable” the attack came from someone with an IP address outside of the EU. He declined to give Reuters any more details, but said NiceHash investors came from “all over the world.”
Hackers probably won’t be able to use the stolen Bitcoin
Bitcoin thefts are unique in that they’re not reversible, meaning once the coins are stolen, the owner has full control over them, Patrick McCorry, research associate at the University College London and the UK’s first PhD graduate in cryptocurrencies, told MONEY. However, the hackers likely won’t be able to actually use the loot due because if the stolen coins are made public, it would make it difficult for the thief to spend them. Many of the stolen coins (including money raised via ransomware) sit idle on the blockchain, McCorry said.
NiceHash founders informed other Bitcoin exchanges of the stolen bitcoin, so that they can be frozen before hackers sell it off for fiat or other types of cryptocurrency, Ong added.
Some think it could be an inside job
Matjaz Skorjanc, the mastermind behind the infamous Mariposa botnet that infected over 12 million computers, acted as NiceHash’s chief technical officer during the hack, the company confirmed to Reuters.
Skorjanc created the Mariposa computer virus that hijacked about 12.7 million computers around the world in 190 countries, BBC reported. The virus harvested private data, including credit card details and log-ins, as well as overwhelmed servers with traffic and sent users spam e-mails.
Skorjanc was arrested in 2010 when he was 27-years-old. Slovenian court sentenced him to just under 5 years in jail, plus a 4,000 euro fine.
Because of Skorjanc’s past, some Reddit users are speculating the heist was an inside job. At least one expert agrees.
“Speculations will always be there whenever a cryptocurrency hack occurs that it could be an inside job or a phishing attack on one of employees,” Ong said.