For those unfamiliar with the details of cryptocurrency mining, mining pools exist to combat the extreme difficulty of successfully mining proof-of-work (PoW) coins. Bitcoin miners can throw significant amounts of computing power at solving the cryptographic math problems that drive the blockchain forward but never be the first to solve one of these problems and receive a single Bitcoin in return. Thus, many miners band together in groups known as mining pools. Within each pool, any Bitcoins mined are broken up and distributed between all the miners in proportion to the size of their contributions to the pool’s total hash rate.
By contributing to a pool, cryptocurrency miners can count on steady rewards, rather than hoping to strike gold at random. The BTC.com pool is one of the largest currently active pools. According to the service’s own pool distribution tracker, the BTC.com pool has accounted for 3.10% of the Bitcoin network’s total hashrate over the past three days, making BTC.com the sixth largest mining pool.
Unfortunately for all the miners contributing to the BTC.com pool, the recent cyberattack resulted in the disappearance of $700,000 worth of client assets. The threat actors also stole company assets valued at $2.3 million. However, BIT Mining has pledge to “devote considerable efforts to recover the stolen digital assets.” According to the news release, the company is coordinating with law enforcement authorities and has already secured some of BTC.com’s stolen assets.
That said, BIT Mining has yet to reveal any details regarding the cyberattack that facilitated the theft of BTC.com’s assets. Given the apparent seriousness of the attack, it’s entirely possible that threat actors managed to steal confidential customer or company information in addition to digital assets. As the recent data breach affecting customers of the Gemini cryptocurrency exchange has shown us, data breaches can go undisclosed until threat actors publish stolen information to the Web. Therefore, BTC.com customers should be on guard for potential phishing attempts over the coming months.