The attack you were the victim of is described in detail here
https://medium.com/@s3yfullah/hacking-cryptocurrency-miners-with-osint-techniques-677bbb3e0157
TL;DR: Exposing your mining rigs to the internet without first changing user/pass is asking to be robbed.
It is really easy to find machine like yours on IoT search engines such as Shodan. Beware!
https://medium.com/@s3yfullah/hacking-cryptocurrency-miners-with-osint-techniques-677bbb3e0157
TL;DR: Exposing your mining rigs to the internet without first changing user/pass is asking to be robbed.
It is really easy to find machine like yours on IoT search engines such as Shodan. Beware!
Ty for link! Im familiar with shodan, so I figured it had to be something like that!
My mining locations are usually behind a fortigate or ubiquiti usg, so I've never really bothered with changing the logins! ^^
This happend when I got a new uplink, and my gf bypassed the USG when switching
I think its strange that factory reset wont change the pw back to the original one, but they have probably changed the default config as well I guess!
The only fix is to buy a new controller then? I will probably just scrap them and use the fan's as reserve parts if there arent any easy fixes!
