Can an expert explain, how this hack really worked? The technical information in this article is useless. As I understand the Bitcoin protocol the block reward is just a transfer like any other but with no input. Since only the block reward was stolen, it can't be a weakness of the protocol. The hacker must have gained access to the private keys of the miner. But why would a miner store the reward in a hot wallet with the private keys revealed and not notice the theft over a period of 4 months?
There was no theft of any private keys. The miners were hit with a man-in-the-middle attack that redirected them to a malicious mining pool where they kept receiving new blocks to work on, but were not paid their share for that work. The technical analysis is here:
http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/