Ethereum has been one of the cryptocurrencies that felt the hardest hit during this year’s bear market. Its woes are now far from over, as hackers now target mining hardware in a bid to cash in before prices plummet even further.
ZDnet (a tech based news outlet) in a recent report revealed that hackers have unleashed a large scale scanning network designed to target Ethereum wallets and mining hardware. According to cyber security researchers, the campaign has been running for at least a week since 3rd December.
The target specifically is port 8545 (the standard port for the JSON-RPC interface), utilized by mining hardware and Ethereum wallets. The API interface allows apps installed locally and services to scan for mining data and related funds.
Some wallets with less security and mining machinery exposes this interface publicly through the port which can then be compromised. By default, the interface lacks a password set and relies on the user setting one. Hackers can make use of the port if left exposed to access the interface and lift cryptos from the wallet.
This threat is not a new one however as the Ethereum team has warning in August about Ethereum clients that are insecurely configured. The recommendations included password protecting the interface or filtering traffic through the port using a firewall.
Steps have already been taken by a number of mining rig vendors, in order to mitigate the problem by removing the interface altogether or limiting usage of port 8545.
According to Qihoo 360 Netlab (Chinese cyber-security firm) more than $20 million in Ethereum at the exchange rate of July has already been stolen by one group. When crypto prices surged it was expected that scans and attacks would also be on the up.
The price of Cryptocurrencies may be on the floor but this doesn’t stop hackers from paying attention, looking for opportunities to grab some free loot.