The comment on their web site says that their payment system was compromised. If so, that means they had $64 million worth of bitcoin connected to their public-facing web site.
So I actually kinda hope for their sake it was an inside job, because that would be a lot less stupid.
One of the great things about bitcoin is that unless someone confesses we'll probably never know if it was an inside job. Do we even know who runs nicehash and in which country?
I always wondered how the hackers can get the money out of bitcoins to a fiat currency without exposing who they are. If they transfer it to an exchange, the exchange will know where the bitcoins came from being that transactions are open for everyone to see.
The first address they send the hacked coins to (a1) will most likely be black listed by some exchanges. However, the hackers could create thousands of new addresses and transfer the coins from a1 to the new addresses. Then do that again. All exchanges would have to monitor all addresses that a1 ever sent coins to. They could do this, but I'm not sure how many exchanges would actually do this. All it takes is one exchange to accept the hacked coins then the hacker can sell the BTC for something like ETH.
Another option would be OTC trades, but that would take a really long time to sell 4000 BTC.
They usually don't. They just stay in the attacker's addresses.
I would say the best way to go would be to using bitcoin mixing services, but then the attacker would open themselves upto a huge risk of getting caught if the mixing wasn't perfectly secure, when they eventually go to an exchange.
Never heard about NiceHash before, but this story is currently being reported by Slovenian national media and NiceHash is presented as a Slovenian company.
https://www.reddit.com/r/NiceHash/comments/7i0s6o/official_p...