Was the nicehash “hack” an INSIDE JOB?

You decide.

Was the Nicehash "hack" an inside job?

“The owner of the company with a share capital of half a million euros is Bitorious (45%) based in Dornberk, its director is Marko Kobal, and 55% of the company is owned by H-Bit. The owner of H-Bit is Martin Škorjanc. An interesting fact is that Martin Škorjanc is the father of Matjaž Škorjanc, who was arrested by Slovenian police a year ago for online cyber crime with the help of the US FBI in Maribor. More at: https://www.zurnal24.si/slovenija/okradli-slovensko-podjetje-stranke-ostale-brez-56-milijonov-evrov-301488 - www.zurnal24.si”

“Pentester here. I'm calling inside job. Most large services keep the vast majority of their BTC in cold storage. CoinBase, for example, only keeps 2% of their coffers out of cold storage, and that 2% is insured. You're really going to hope people are niave enough to think you accidentally left literally all of the BTC online, uninsured, and unsecured? You're also expecting me to believe you had zero safeguards against 61 million dollars transferring to one single address, and then you claim you're running maintenance on the site. You also push more people to using your online wallet by offering discounts on transaction fees. How fucking retarded do you think people are? This is either plainly criminal, or plainly incompetent. Either way, you guys are morons. Glad I never used you.”

“Makes NO sense. Has to be an inside job.
If you ran a service like this you wouldn't keep all your BTC on the web server or any live server. You'd move just enough to handle the current outgoing payments and I would HOPE that if they all of a sudden saw all their users request to empty their wallets to one BTC address they'd go 'hmmmm'.
Can anyone tell me a reason why they would keep all their BTC vulnerable like that?
The way I would run it is:
1.Users Mine -> Send BTC to a wallet
2.Periodic Sweeps to a temporary wallet to handle daily payouts
3.Daily sweep to move excess coin to a secure offline wallet
4.If a big sell order comes in, have a person literally go get a hardware wallet and load enough coin to cover it. This isn't a high frequency trading thing where coins have to be available 100% of the time.
5.Have an insurance policy that covers the max amount of daily sweeps so if you DO get hacked, you can cover that day's losses.

1. At no time ever ever does the entire wallet contents for the company get put in one place on line.
   If they did this, could they still get hacked? Only a little and it'd be recoverable I think. Am I wrong? In any case, RIP coffee money fund.
   (Also COINBASE BETTER BE SHITTING THEMSELVES RIGHT NOW and doubling down on security)”

“Also consider their fee structure. They offered a halved mining fee for using their wallet, but it had a high minimum withdrawal fee of .0003 Bitcoin. This got people to A) use their wallet, and B) to reduce the frequency of withdrawals. What an excellent way to get people to let Bitcoin sit on a wallet you know is unsecured. It's almost like this was their business model all along.”

So I guess nicehash could have been hacked....but was it?

What do you think? There should be an investigation!

Upvote this if you think there should be an investigation on the owners and operators of nicehash! Together, there is power in numbers.

Continue to track the stolen wallet. Justice must be served. And the crypto world should be used for good, not evil. The whole purpose of a decentralized monetary system was to protect those from being corrupted by greed and selfish-ambition. Let's continue to fight the good fight!