Former Botmaster, ‘Darkode’ Founder is CTO of Hacked Bitcoin Mining Firm ‘NiceHash’
4 stars based on
54 reviews
Very soon after, Mariposa was estimated to have infected more than 1 million hacked computers — making it one of the largest botnets ever created.
ButterFly Bot, as it was more commonly known to users, was a plug-and-play malware strain that allowed even the most novice of would-be cybercriminals to set up a global operation capable of harvesting data from thousands of infected PCs, and using the enslaved systems for crippling attacks on Web sites. A message from Iserdo warning Butterfly Bot subscribers not to try to reverse his code.
On Darkode, Iserdo sold his Butterfly Bot to dozens of other members, who used it for a variety of illicit purposes, from stealing passwords and credit card numbers from infected machines to blasting spam emails and hijacking victim search results. In Julyauthorities in the United States and elsewhere conducted a global takedown of the Darkode crime forumarresting several of its top members in the process.
But local media reports state that he has vehemently denied any involvement in the disappearance of the NiceHash stash of Bitcoins. In an interview with Slovenian news outlet Delo. According to media reports, the intruders were able to execute their heist after stealing the credentials of a user with administrator privileges at NiceHash. A source close to the investigation told KrebsOnSecurity that the NiceHash hackers used a virtual private network VPN connection with a Korean Internet address, although the source said Slovenian investigators were reluctant to say whether that meant South Korea or North Korea because they did not want to spook the perpetrators into further covering their tracks.
CNNBloomberg and a number of other Western media outlets reported this week that North Korean hackers have recently doubled down on efforts to steal, phish and extort Bitcoins as the price of the currency has surged in recent weeks. The NiceHash theft occurred as the price of Bitcoin was skyrocketing to new highs. In a post on its homepageNiceHash said it was in the final stages of re-launching the surrogate mining service.
We understand it may take some time and we are working on a solution for all users that were affected. We are giving BTC rewards for the best information received. This entry was posted on Friday, December 15th, at You can follow any comments to this entry through the RSS 2. Both comments and pings are currently closed.
Mid-europe country — we have quite high standards, are part of EU. Yeah, and what bad label do you want by association of the worst in your country? We were part of Yugoslavia, which had no good relations to the Soviet block. Criminals can be found everywhere, so where are you from?
Us American Rats are no better. While Slovenia is the exception that confirms the rule. Mate, you are too stupid to breath without instruction. Only incredible moroms can generalise to such extent. Congrats, you one and only…. Keep it clean please, and cool it with the ethnic slurs, or you will find your comments deleted and your addresses blacklisted.
Similar to when the ransom is paid in paper money that the serial numbers have been recorded by law enforcement. If try, how can these stolen Bitcoins be used?
The bitcoins are marked but nobody selling or purchasing can spot the marking. The previous owners get to look on, helplessly, as they move from person to person to person to person, often times with nobody except the first hop or second hop in the chain actually being part of the crime. Even if something was put in place, a central clearinghouse for information about bitcoin theft, it would be a matter of ethics for the people involved in the BTC transaction to check vs.
Not by reversing the transactions but by creating new ones. With a warrant or with a lead pipe, they get the info, and get closer to finding the thief. Correction — the news outlet is Delo not Delo. Another newspaper Dnevnik reported that he was unrepentant and refused to admit guilt at the last trial.
Not sure where to post this. The shipping is so awful that it is a security problem. The recycled tracking numbers are sending items and wrong items everywhere. Please warn people to check on their shipped presents. They may show as delivered, are not. The news here is mostly politics, very little on crime and punishment, or science and electronics.
As such, no coverage of the aforementioned incedent. But it affects us all. Remember each news source is controlled by an editor who decides if a story is important enough to spend their resources on. Found your blog so informative and so in depth.
Finally got some quality in hacking news. I then confirmed that in the Fedex software, yep, it had somehow re-used the old tracking number. This took a few days to get settled. Finally they found it on a shelf near Atlanta after 10 days. One thing that bothered me in that interview is his total lack of self criticism or in fact modesty — a very dangerous quality for anyone working in security.
Was it a lack of caution or just a lack of competence? In any case, the guy did not come off as ready to own up to his mistakes or sincerely learning from them. I would keep a healthy distance from him in any matter having to do with security. HIGHLY unlikely, was most likely a spear phishing campaign that got them access, just an educated guess. As this case highlights they seem less secure than our current banking system which at least has some protection for consumers varies according to where you are I guess.
While it is undoubtedly an innovative and cool piece of tech, its use so far seems to be for speculation read, gambling and illicit purchases under the cover of legitimate in the legal sense purchasing which would probably be better served using normal currency.
We have a problem with theft with current physical money. You are not relying on a third party and can decide exactly how much to send without opening the door to your whole account.
Centralising data is a massive security risk, nice hash was a centralised service hence why it was able to be hacked. And the value of government cash can rapidly decline, as we see in Venezuela and much of the third world. Or asset forfeiture, simply by traveling through the wrong county with a bunch of cash. Really, look it up. Look at Venezuela; they had food until recently. Sure, a thief finds your stash. Or a new source is found in some third world country with cheap labor.
Having crypto-currency in an imaginary wallet is clearly a risky way to handle some of your wealth. But so is having a box of cash in your bedroom, all your money in a bank, or a few gold coins in your freezer. The only safe thing is to diversify your wealth, spreading it in more than one kind of currency and precious objects.
Maybe invest in a few Shekels, Pounds, and a little gold, for now. You might be a bit more of a target in that case. So prison from January to October I would solicit the bitcoin from the Appeals Board of the prison this adidas track suit wearing h4x0r was released from.
Until a system of incarceration is developed in which prisoners can have a personal jailor and receive gold stickers, chocolate ice cream, and fluffy dolls as rewards for good behavior, the best option remains an early release program. The crypto space is like the wild west on all sides. One party tries to pay using a stolen account or if they pay legally they use the miner for a month or two and then say it was defective and try to return for a refund so they get mine for free while the return is best.
Then Nicehash gets hacked with what they initially called a very sophisticated attack. Turns out its most likely an inside job. Lots of scam sites already offering their miner so be sure to only buy direct from the manufacturer. Follow me on Twitter. Join me on Facebook. Krebs on Security In-depth security news and investigation. December 15, at December 15, at 1: December 15, at 2: December 15, at 3: December 16, at 3: December 15, at 4: December 15, at 6: Love your work, Krebs!
December 17, at 1: Stolen bitcoins are mixed with clean ones in tumblers for a fee. December 15, at 8: That is until people start going missing…. December 16, at 6: Eventually they find the thief.
They then likely torture the thief to take back the Bitcoin. December 15, at 5: December 15, at 7: