The past 12+ hours has been hectic around NiceHash Miner. Speculations about potential malware from one of the plugins listed in the NiceHash Miners software, called PhoenixMiner. The PhoenixMiner as the author of the software is MIA and the online repository was deleted due to some violations, according to NiceHash reddit author djeZo.
The first reddit post was written 14hours ago stating "Stop using Phoenix miner immediately!" followed by a shorter statement. Including the official press release from NiceHash.This reddit post have over 400+ comments.
The second post is 9hours old, with a longer statement on reddit approx. 4300 words to get a better understanding of the situation. The author also answers specific questions to support the community with the next steps. Some recommendations urges the entire community to uninstall their OS from scratch, change wallets, passwords and lastly re-install a new version of NiceHash called QuickMiner and ditch the older version of NiceHash miner.
There are over 279 comments with divided opinions. Some are asking about help and advice if they should be worried. While others are disagreeing with the author and blaming NiceHash for promoting a new software through the use of panic and chaos.
- NiceHash history isn't that clean either, in 2017, they confirmed that their website was breached with the payment system compromised. Approximately 4.7k bitcoins (US$64 million) was reportedly lost, according to Trend Micro
- But then again, NiceHash refunds the loss to users that was lost in 2017 hack, according to Nasdaq
- Another article by The Next Web on June 2019, stated that FBI is on the hunt for hackers and the co-founder of NiceHash "over an alleged plot to create and distribute malware through major dark web forum Darkode," by D.Canellis
- But then again, the indictment against one of the co-founders has no relations to NiceHash operations nor is it related to the previous breach, according to a public statement via NiceHash site.
Now why am I even writing about this? well I was going to bed and before putting my phone away, I usually read about blockchain and mining.
The reddit post showed up and I couldn't stop reading. Laying in bed, I was like
"Shiet, should I go to my rig and check it out, indeed I did. A quick search and I found four Phoniex files. Deleted them, and went back to bed. Kept reading, and reading, and reading. Now I was at the stage of, f**** I need to do my own research.
Hence this article, a bit of research to have peace of mind but also not to directly take a stance and frame NiceHash as the villain here. I gotta give it to them, they at least informed everyone. And yes some say it's a marketing tactic to push users into a new product but either or, my reasoning goes:
- Why would a business with over 500k plus users want to create this type of chaos? Chaos like this equals a major risk in loosing customers vs. keeping them. It's not like customers will say;
"Heeeey I am going to re-install my entire rig, gaming pc or whatever, and be super happy doing it and then be like, let's get NiceHash QuickMiner YEEY" but rather "Hmm should I trust NiceHash again? What if I have to go through this hassle again, are there any other options etc. etc."
For me, it's a given, I'll be following their advice. Sure, I'll be loosing a full night sleep but it will be worth it. Will I install the new one; NiceHash QuickMiner - we shall see. I've enjoyed NiceHash and their services. I appreciate their effort to quickly announce this instead of waiting quietly. It's bold taking this type of risk.
And based on my personal research, the team and company seems legit. If compared to corporations and government behaviours, NiceHash makes them look like dinosaurs. And time will tell...Gotta go, been sweating to write this article as quickly as I can.
Thx for reading,SocietyZero
Disclaimer:Above written article is based solely on my opinion. I do not recommend to share the same view or take the same actions. If you have questions or concerns related to above topic please contact the team behind the product directly. This article was written by my own interest and initiative. If any info is considered to be false or misleading please let me know.
Resources:NiceHash
The largest hash-power broker that connects sellers or miners of hash power with buyers of hash power. Hash-power is a computational resource that describes the power that your computer or hardware uses to run and solve different cryptocurrency Proof-of-Work hashing algorithms.
NiceHash QuickMinerNiceHash QuickMiner uses only Excavator for GPU mining and XMRig for CPU mining. Excavator is an in-house developed miner and is 100% free of any malware, and XMRig is an open-source CPU miner. There are some more open-source C# libraries used.
About the author:Background in big data, IT, strategy, and analytics.
Researches the world of cyber with focus on the surveillance economy.
Interest in Computer Science (Big Data & Cyber Security), Blockchain and History.
