[ad_1]
Hackers are not confused by the collapse of the current cryptocurrency market. According to a new ZDNet report published yesterday, hackers are ready to steal yours Ethereum [ETH] especially if you are digging.
The report explains that hackers participated in a campaign for most of last week, devising methods to hack ethereal portfolios exposed on the internet and mining equipment.
The report cites evidence from Troy Mursch, co-founder of Bad Packets LLC Who said this hackers scan the Internet for devices with port 8545 exposed online. This particular port is required for several Ethereum portfolios and mining equipment and allows devices that use it to maintain communication within the Ethereum blockchain.
According to the report, port 8545 is the standard port used by the JSON-RPC interface, an interface that underlies most of the Ethereum portfolios and data mining software. Through this port, applications bundled with the corresponding software will be able to query the blockchain for information related to mining and funds.
In theory, the JSON-RPC interface is designed to be used locally within the local mining equipment network. However, some portfolios and mining equipment have enabled it for most interfaces and then connect it to the Internet. In addition, the JSON-RPC interface is a security hole as it is not supplied as standard with a password and is based on the user to create one.
Once the hackers have found a group of potential victims, they could perform tests to check who left their wallets exposed to the Internet without setting a password. An exposed interface can easily be controlled to transfer funds to another wallet.
Ethereum warned of the problem
This problem is not new, however. In 2015, Ethereum's core developers issued a warning about warnings and software developers of mining and users alike to pay attention to traffic through port 8545. Their suggestions included the use of firewalls to filter traffic or set a password for the JSON-RPC interface.
In recent months, reports have emerged on huge port scans 8545. Already in June this year, the Chinese computer security company Qihoo 360 Netlab reported a group of hackers who had managed to steal $ 20 million (June exchange rate). According to the report, these mass scans on the vulnerable port have more than tripled in the last month compared to previous months, despite the decline in the price of Ethereum.
Source link