Cloudminr Hack Exposes Data on 80,000 Bitcoin Miners

Attackers were able to break into servers belonging to the cloud Bitcoin mining website Cloudminr.io over the weekend and harvest the site’s entire database. Now they’re looking to cash in.

Attackers were able to break into servers belonging to Bitcoin cloud-mining platform Cloudminr.io last week and harvest the site’s entire database. Now hackers are attempting to sell the information, which includes thousands of unencrypted usernames, email addresses, and passwords.

Cloudminr, a Norwegian company that started last year, relies on processing power from remote data centers to generate Bitcoin. Those looking to make money off the crypto-currency without spending money on their own equipment often invest in Bitcoin mining companies to do the work for them.

While the company’s website is currently offline, it was replaced early Monday with a rudimentary storefront that claimed the site’s database, including information on 79,267 users, had been hacked and was for sale. According to several posts on the forum bitcointalk.org, the attackers are allegedly offering the information in exchange for 1 BTC, or roughly $289 USD. If legitimate, the sum could be a small price for an attacker to pay considering the information that could potentially lie in the database.

With a little social engineering, an attacker could recover a user’s password to any wallets or exchanges they might be a part of, or use the information to log into a user’s Cloudminr account and withdraw Bitcoin directly from it.

Furthermore, if a Bitcoin miner used the same login information for Cloudminr as they do for a forum like bitcointalk.org, an attacker could log into that account and gather additional information about the user as well.

According to the Cloud Mining Directory, a site that aggregates information about cloud mining services, when Cloudminr.io’s site went down on Friday, it was replaced with a message: “CLOUDMINR.IO is temporarily down until a new website is made from scratch to avoid any backdoors left by hackers.”

While the legitimacy of the company has long been debated on Bitcoin forums, the fact that its developers appear to have stored its users’ credentials in plain text doesn’t make it any less bitter of a pill to swallow for Bitcoin investors who opted to use Cloudminr.

The company allegedly reached 11,000 customers in its first month last year, according to the Cloud Mining Directory, a figure that, if correct, made it one of the largest Bitcoin mining collectives in the industry.

In January, Bitstamp, a U.K.-based Bitcoin exchange, was forced offline after a hack resulted in the theft of around $5M in Bitcoin.

According to an incident report regarding the compromise that surfaced online late last month, the company was hit by a sophisticated phishing attack in November 2014 that targeted six different employees over Skype and tricked them into opening rigged Word documents.
