It has been a while since we last saw a major issue affecting cryptocurrency mining pools. It is not uncommon for one or two pools to experience issues at some point. In this case, however, a few different pools were impacted due to an issue with the mining software. Several altcoins are affected by this problem, including Verge and VertCoin.
Pool Software Hack Proves to be a big Problem
As of right now, it is still unclear what exactly happened to the affected mining pools. YiiMP’s website displays a message indicating that the open source mining pool software has been hacked. It appears a lot of altcoin mining pools rely on this code for their backends, although it is unclear how many pools are directly affected by this hack. Several pools are reporting sudden issues with mining pool software, so it is possible a lot of platforms will be affected.
Among the pools having reported issues are Zpool and HashRefinery. Both companies are currently undergoing maintenance with no ETA as to when these platforms will come back online. It is never good to see multiple mining pools suffer from this type of issue, although we have no specific details regarding the exact cause of the hack itself. It does appear the software was compromised in such a way that mining pool payouts were redirected to a different address.
Luckily, it appears HashRefinery will not be suffering too much from this issue. The company has disabled stratum servers for now and has funds in cold wallets to cover any missing payouts. The money will not be sent to its hot wallet anytime soon, though, as the team is still investigating what is going on exactly. They want to be certain no one can access the money once it is transferred to the hot wallet. It is a smart decision, although one that may cause some payout delays.
According to the YiiMP site, the hacking method involved here is quite disconcerting. A lot of money has been stolen from various mining pools and addresses, and affected altcoins include Auroracoin, Vertcoin, and Verge. The only currency still safe – for the time being, at least – is Decred. This is still a preliminary report and not a complete list of what went down exactly. It is possible dozens of other currencies may be affected by this hack as well.
This is yet another demonstration of how cybercriminals will continue to target the cryptocurrency ecosystem. Given the value increases in both Bitcoin and virtually all altcoins, it is not entirely shocking that criminals would want to obtain cryptocurrency for their own nefarious purposes. There is a lot of money going around in crypto currently and mining pools can prove to be a weak link in the chain.
Until we know the exact details, there is no real point in speculating as to how these issues were facilitated in the first place. All we know for sure is that someone took advantage of a loophole and used it to his or her advantage somehow. It is impossible to tell how much value has effectively been stolen through this hack, as the full ramifications of this breach have yet to be understood. This is a very troublesome development, to say the least.