Ethereum Exploit: ETH Miners Beware
It seems as though Ethereum miners are in for even more of a hard time than usual. Hackers have recently found a new way to steal people’s crypto assets. They are running a massive scanning campaign for an Ethereum exploit to pick out Ethereum miners and wallets with a specific vulnerability.
A Non-Profitable Security Risk
Down by 90% from its all-time high, Ethereum mining has been a nightmare these past few months. According to a new report by ZDNet, Ethereum miners are currently the best targets for crypto hackers due to an Ethereum exploit.
Attackers are scanning for any devices running with the port 8545 open online. The JSON-RPC interface for both Ethereum wallets and mining equipment operate on this port. This is a programmatic API; used by locally-installed apps and services to query for funds and mining-related information.
Think you’re working hard at making an extra income even while prices are down? If you’re not careful and don’t heed the warnings about port 8545, you may just see all your ETH disappear overnight. #decrypted #blockchain #ethereum #mining https://t.co/G51GMKp5Dg
— Decrypt[ed] (@decrypt_ed) December 13, 2018
Technically, this interface should only be available locally. Though some wallet apps and mining hardware keep it enabled on all interfaces. As well as this, when this JSON-RPC interface is on; there is no password set for the default configuration, relying on the user to set one.
While many mining rig manufacturers and crypto wallet developers have taken precautions to limit the risk of exposure on port 8545, it wasn’t an industry effort.
Even though Ethereum scanning campaigns have been prevalent over the last two years; this is the first time these scans have been reported during a bear market. In light of this, a report from Tory Mursch, co-founder of Bad Packets LLC; states that scan campaigns tripled in December in comparison to the previous month.
Despite the price of cryptocurrency crashing into the gutter, free money is still free, even if it’s pennies a day
One of the most shocking things regarding these scans is how easy it is to procure the tools to take advantage of this Ethereum exploit for clients with a vulnerability on port 8545. Over 4,700 devices including mainly Geth mining rigs and Parity wallets are the most vulnerable.
Even though prices may be down right now, it doesn’t necessarily mean that cryptocurrency is worthless. While it’s true Ethereum is currently trading at far lower than its all-time high., 1 token still holds far more value than any fiat currency in the world. I’d advise our users to take this article as a warning and to ensure their mining equipment and wallet isn’t at risk. This Ethereum exploit could cost users all their tokens.
If you got your Ethereums mined and want to trade, get into most trusted South African cryptocurrency exchange – iCE3X and start trading now!