Nicehash urges its users to “STOP using Phoenix miner immediately!”

Nicehash urges its users to

Nicehash urges its users to “STOP using Phoenix miner immediately!”

This morning, Nicehash issued a startling blog post that recommended that many of their users reinstall their OS and change all of their passwords as soon as possible, stating that the Phoenix Ethereum miner may a security risk. 

Nicehash is a popular cryptocurrency mining platform for small-time and big-time cryptocurrency miners alike, and they are asking their users to conduct some major changes to their systems. For those who use their gaming PCs for mining, a full OS reinstall is a drastic measure, but Nicehash feels that this level of concern is warranted. 

Using Nicehash’s software, their users were previously able to download the Phoenix Miner on their platform, making the company complicit in the potential installation of malware onto PCs. Today, the Phoenix miner is unavailable to download, and the program’s creator has disappeared off the internet. Nicehash feels that something malicious may have occurred and have dropped their use of the Phoenix miner on their services. 

False downloads for the Phoenix Miner have appeared online to capitalise on the disappearance of the software, which means that 3rd part sources for the Phoenix miner cannot be trusted. 

Below is Nicehash’s announcement regarding the Phoenix miner.   


   Dear NiceHash users!

It has come to our attention that Phoenix miner is no longer available for download from its original download location. Control shasum from new download locations does not match the value published by the developer on his channel! This brings the possibility that the Phoenix miner’s author wants to cover its tracks and disappear or even do something malicious.

We have immediately disabled Phoenix miner from NiceHash Miner, and we advise everyone to stop using Phoenix miner immediately!

Phoenix miner is a mining software from an anonymous author. It is not digitally signed, and no one knows who the creator is. This brings serious risk to anyone who will continue to use this software! Do not try to download Phoenix miner from any 3rd party source since it could be fake and malicious! 

If you have used PhoenixMiner on your PC, which contains any sensitive information or information of any value such as logins to various services (accesses to bank accounts, PayPal, Gmail, Facebook, Instagram, Dropbox, Google Drive, etc. ) and especially if your PC contains any private keys for any cryptocurrency wallet, directly or indirectly (through online wallet provider) consider them compromised.

If you have used Phoenix Miner on your PC, we recommend you to do the following:

– Reinstall OS

– Change all passwords and activate 2FA where possible!

– If any cryptocurrency wallets were used on this PC, we recommend you to move funds to other wallets immediately!

 Gamers – You have been warned

Many gamers use Nicehash for cryptocurrency mining, running the service on their PCs outside of gaming hours to generate a small profit. This is especially true for those who have access to cheap electricity. 

These users, who will likely use their PC to access services like PayPal, Gmail, Facebook, Instagram, Dropbox, Google Drive, and more, will need to take action against this Malware warning, as Nicehash are alleging that their PCs could be compromised. 


Nicehash urges its users to   

An abundance of caution, or an advertisement for Nicehash’s signed mining software? 

Over on the Nicehash subreddit, the Excavator and QuickMiner applications developer has shed some light on the Phoenix Miner controversy. Long story short, the official download of the Phoenix Ethereum miner has been removed from for an unknown reason. 

While the software has been removed from MEGA for breaking the company’s terms of service, the exact reason for the software’s removal is unknown. Nicehash doesn’t know what happened to the Phoenix miner or if the software presents any danger to its users. 

Some reports online have alleged that Nicehash is using this situation to promote its NiceHash Quickminer software, urging their users to move to QuickMiner while stressing the application’s use of signed code. One Reddit user called Nicehash’s announcement little more than speculation, claiming that the service is “spreading fud” to “promote their own miner”. In their announcement, Nicehash only commented on the Phoenix Miner, not on the other mining applications removed from MEGA.NZ at the same time. 

Is cryptocurrency mining safe? 

It is not uncommon for cryptocurrency miners to disable antivirus protection on their systems, as antivirus software often reacts to any cryptocurrency mining software. Unknown developers make many cryptocurrency miners with unsigned software, though many miners are available on Github to allow users to look into their codebase. 

Malicious mining software has been spread across the internet, and that factor alone has made platforms like Nicehash appealing to low-scale cryptocurrency miners and gamers. That said, Nicehash did allow its users to download the Phoenix Ethereum miner, the software that they have now alleged to be malware. 

Whether or not the Phoenix Ethereum miner is malware remains to be seen, and Nicehash has stayed on the side of caution with its announcement. Should the Phoenix miner become proven malware, they have done their due diligence to inform its users. If the Phoenix miner is not Malware, Nicehash will be seen as having overreacted to promote their own (signed) mining software. 

You can join the discussion on Nicehash warning its users to abandon the Phoenix miner and reinstall their OS’ on the OC3D Forums.