Author

Topic: Please help - Hashing getting hijacked! (Read 1143 times)

newbie
Activity: 34
Merit: 0
February 14, 2014, 11:30:40 AM
#8
My first thoughts were that the seller had added a backdoor or coded something into the RPi that is allowing him to access it and change the details. Could explain why he is being so helpful in getting you mining, so he can benefit too? Just a thought, but you said you swapped for a fresh install on a new SD.

Another thought, I would ditch Minepeon and switch to using Cgminer or Bfgminer and SSH to access your mining rig via the Pi. I would say that would be more secure. Minepeon could have an exploitable backdoor or something.
hero member
Activity: 630
Merit: 501
February 09, 2014, 02:46:24 PM
#7
The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.


He hasn't broken it, he's just found another way in. He could have modified something in the OS, maybe a command that you are using that executes something that gives him access.
full member
Activity: 196
Merit: 100
February 09, 2014, 11:36:36 AM
#6
hello

get 1ru linux server have 2 eth nic. turn into firewall. need change internal lan ip unless making transparent firewall.
i happy to help if need.

may-be plug usb ethernet nic into pi it have 2 ni. use for firewal? do not know it handle a lot bandwidth ? i think might.  may-be get another?

once decide firewall. make firewall rule so.
-allow you home work ip inbound in pi / miner. stateful
-allow device and pi any or specific require traffic outbound. stateful
-allow any other inbound if require? stateful
-deny all inbound
-deny all outbound
newbie
Activity: 13
Merit: 0
February 08, 2014, 07:55:17 PM
#5
There are several possible causes for this, including:
- You have a keylogger on the system that you use to configure the miner. Every time you change the password, it's captured by the keylogger and sent to the attacker.
- The OS on the RPi has a security vulnerability that can be exploited.

You should first figure out how the attacker is gaining access. If it's through a keylogger on your system, then just slapping a firewall in front of the miner isn't going to do anything.

The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

--- I SHOULD MENTION - The Raspberry Pi device is attached to the ethernet cable straight from the cabinet -- there is no router / firewall currently. Just a static IP on one line ...
Basically - I'm looking for advice on how to set up a firewall device -- what Exactly to purchase and how to configure it.. Seriously - any suggestions or advice is welcome.

As to the other poster - I do not have any keyboard or monitor hooked up to the miner or raspberry pi -- I bring a monitor and keyboard when I go to the NOC (Hosting facility) --


Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.

The Butterfly miner that I purchased originally came with an android tablet interface - but the seller replaced that with this Raspberry Pi device because it works better. And it does, and I truly trust the seller - he has bent over backwards to get me up and mining --- as well as advice and an education.  I truly do not believe it is him.

Thank you!


newbie
Activity: 13
Merit: 0
February 08, 2014, 07:46:13 PM
#4
The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.

The Butterfly miner that I purchased originally came with an android tablet interface - but the seller replaced that with this Raspberry Pi device because it works better. And it does, and I truly trust the seller - he has bent over backwards to get me up and mining --- as well as advice and an education.  I truly do not believe it is him.

As to the other poster - I do not have any keyboard or monitor hooked up to the miner or raspberry pi -- I bring a monitor and keyboard when I go to the NOC (Hosting facility) --

Basically - I'm looking for advice on how to set up a firewall device -- what Exactly to purchase and how to configure it.. Seriously - any suggestions or advice is welcome.

Thank you!
legendary
Activity: 1260
Merit: 1168
February 08, 2014, 05:25:08 PM
#3
This message was too old and has been purged
hero member
Activity: 728
Merit: 500
February 08, 2014, 05:22:04 PM
#2
There are several possible causes for this, including:
- You have a keylogger on the system that you use to configure the miner. Every time you change the password, it's captured by the keylogger and sent to the attacker.
- The OS on the RPi has a security vulnerability that can be exploited.

You should first figure out how the attacker is gaining access. If it's through a keylogger on your system, then just slapping a firewall in front of the miner isn't going to do anything.
newbie
Activity: 13
Merit: 0
February 08, 2014, 04:48:12 PM
#1

Hey All -

I'm obviously new to Bitcoin mining --- after researching I went in big -- and purchased a 500GH machine that runs via a Raspberry Pi device running MinePeon.  And it works great. However - after a few days I noticed that a new pool had been added and it was stealing ALL of my hashing - i.e. my money.

I kick him off, change the password and he comes back to add his pool about once per hour.  He's get on for about 10-15 minutes before I notice. So he's getting a nice chunk of my hashing time.

The machine is hosted at a local facility but The machine is NOT behind any firewalls -- and this is where I need your help and suggestions --
I have never set up a firewall before so absolutely any information or insight would be greatly appreciated.

What do you think of this firewall - I'm thinking of purchasing it.:
http://www.amazon.com/Cisco-Systems-Wireless-Security-RV215WAK9NA/dp/B00AHSNQNS/

Thank you all in advance -

~Gauston
Jump to: