
Topic: PSA *Urgent* Secure your Claymore ETH mining rigs NOW (Read 312 times)

hero member
Activity: 687
Merit: 511
Awesome. I'm shocked that someone who was foolish enough not to change the defaults on Claymore would be competent enough to configure their router to port map to it. ;) Maybe this botnet should create a bounty for Claymore to add UPnP support - that would definitely help them get a few more machines.

Really this only must affect very small users, unless they mapped each of their rigs to different ports, and I highly doubt the botnet is portscanning a target, but instead just looking for open machines.  I would also suspect this is targeted more to people colo'ing at traditional datacenters where they have a static IP and their box exposed to the world (as a miner-specific colo is going to presumably have them behind a router/firewall).
hero member
Activity: 1274
Merit: 556
If you have opened port 3333 on your modem\router and not set a password you deserve it. NO ports should be open to your mining rig, you should VPN to your router or another machine then connect to mining rig
This is how I understand it too, right?
So the firewall on my router should block any traffic into any port that I haven't specifically opened/forwarded (even using UPnP), correct?

This would affect people having specifically opened and forwarded port 3333 and not set a password in Claymore settings?
legendary
Activity: 3738
Merit: 1708
This started happening probably about a year ago.

By default, the Claymore config disables changing settings to prevent this from happening.
hero member
Activity: 630
Merit: 502
Code:
masscan -p 3333 --max-rate 99999 -oX botnet.xml 0.0.0.0/0
sr. member
Activity: 847
Merit: 383
If you have opened port 3333 on your modem\router and not set a password you deserve it. NO ports should be open to your mining rig, you should VPN to your router or another machine then connect to mining rig

Truth
sr. member
Activity: 306
Merit: 251
If you have opened port 3333 on your modem\router and not set a password you deserve it. NO ports should be open to your mining rig, you should VPN to your router or another machine then connect to mining rig
full member
Activity: 251
Merit: 100
There is a botnet that is capable of compromising Claymore ETH mining rigs at default settings. It will change the wallet address to the hacker's.

Please take action to secure your mining rig now. It can be done through the use of a simple command line switch.

https://www.cryptoinfomag.com/2018/01/18/satori-botnet-attack-hijacks-ethereum-from-mining-rigs/
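
Added example, not part of any post in this thread and not Claymore's own code: a small audit of a miner start-script line that reports whether the remote management port is disabled, read-only, or read-write without a password. The flag names `-mport` and `-mpsw` are not given on this page and are assumed from Claymore's readme; the sample lines are constructed, and a missing `-mport` is treated as the worst case (read-write on 3333) because the default differs between versions.

```python
import shlex

# Flag names assumed from Claymore's readme; they are not named in the thread.
PORT_FLAG, PASSWORD_FLAG = "-mport", "-mpsw"

def audit_miner_cmdline(cmdline, default_mport="3333"):
    """Return (verdict, detail) for the remote-management settings in one
    miner command line. default_mport is what the miner is assumed to use
    when -mport is absent; the worst case (read-write 3333) is the default."""
    tokens = shlex.split(cmdline, posix=False)  # Windows-style .bat line
    opts = {}
    for flag, value in zip(tokens, tokens[1:]):
        if flag.lower() in (PORT_FLAG, PASSWORD_FLAG):
            opts[flag.lower()] = value.strip('"')
    raw_port = opts.get(PORT_FLAG, default_mport)
    try:
        port = int(raw_port)
    except ValueError:
        # Anything that is not a plain integer gets a manual look.
        return "REVIEW", f"cannot parse {PORT_FLAG} value {raw_port!r}"
    if port == 0:
        return "OK", "remote monitoring/management disabled"
    if port < 0:
        return "OK", f"port {-port} is read-only (monitoring only)"
    if opts.get(PASSWORD_FLAG):
        return "WARN", f"port {port} is read-write, password set; keep it off the internet"
    return "FAIL", f"port {port} is read-write with no password"

SAMPLE_LINES = [  # constructed start-script lines, not from any real rig
    "EthDcrMiner64.exe -epool pool.example:4444 -ewal 0xEXAMPLE -mport 3333",
    "EthDcrMiner64.exe -epool pool.example:4444 -ewal 0xEXAMPLE -mport -3333",
    "EthDcrMiner64.exe -epool pool.example:4444 -ewal 0xEXAMPLE -mport 0",
    'EthDcrMiner64.exe -epool pool.example:4444 -ewal 0xEXAMPLE -mport 3333 -mpsw "constructed-pass"',
    "EthDcrMiner64.exe -epool pool.example:4444 -ewal 0xEXAMPLE",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        verdict, detail = audit_miner_cmdline(line)
        print(f"{verdict:6} {detail}")
```

A `WARN` or `FAIL` here only describes the miner's own settings; whether the port is reachable from outside still depends on the router or firewall in front of the rig.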