Naked Security Naked Security

“Big Bitcoin Heist” sees 600 Icelandic servers stolen

Police arrested 11 people but haven't found the hardware, which is worth nearly $2 million.

Ahhh, Iceland. Perched on the edge of the Arctic Circle, it’s got plentiful data center capacity, renewable energy galore from geothermal and hydroelectric power plants, and that reliably chilly climate to help with cooling.
No wonder cryptocurrency miners have been flooding into the island in recent months.
Of course, where miners go, thieves are sure to follow. Sure enough, Iceland now brings us yet another thievery method to add to the growing list of cryptocoin burglary techniques: this time “grabbing the actual servers”.
In what Icelandic media have dubbed the “Big Bitcoin Heist,” 600 servers have been spirited out of data centers in four burglaries. Three heists happened in December and a fourth took place in January. According to AP, authorities have kept it on the hush-hush while they’ve worked on tracking down the culprits.
Investigators haven’t found the servers yet. They’re worth nearly $2 million, AP reports. As The Register notes, it’s not surprising that the hardware has proved to be elusive: servers used to mine bitcoins are pretty generic. They could easily have been stripped for parts – be they the currently scarce GPUs, the RAM or the fast solid-state disks – and shipped piecemeal for sale anywhere.

Icelandic police haven’t come up completely empty-handed, however: they’ve arrested 11 people so far, including a security guard. A judge at the Reykjanes District Court on Friday ordered two people to remain in custody.
AP quoted Olafur Helgi Kjartansson, the police commissioner on the southwestern Reykjanes peninsula, where two of the raids took place:

This is a grand theft on a scale unseen before. Everything points to this being a highly organized crime.

Police are keeping an eye out for unusually spiked energy usage across the country that could lead them to the servers, according to an industry source who spoke with AP under condition of anonymity.
Icelandic authorities have called on local internet service providers (ISPs), electricians and storage space units to report any unusual requests for power.
Of course, if the servers have been carved up and shipped out, that could well turn out to be a dead end.
At any rate, back to the newly lengthened list of ways to rip off people in these frenzied days of seeking fast cryptocoin riches. Now, we can add hardware kidnapping to that list. It will appear alongside exit scams, mining malware, mining malware cum ransomware, kidnapping, your common-or-garden variety hacking, and IRL robbers with IRL guns.
It’s a dangerous place, this brave new world of cranking out virtual currency. Does it scare you off?
No shame in that. The ranks of a-pox-on-this-stuff investors are swelling right along with the ways to rip it off. Bill Gates last week threw his hat into the ring with other cryptocoin naysayers, saying that virtual currencies are killing people in a “fairly direct way” because of how they’re used to fund terrorism and to buy fentanyl and other dangerous drugs.

Leave a Reply

Your email address will not be published. Required fields are marked *