Author

Topic: WARNING Pool Operators - SHA256 Stratum Exploit in the Wild (Read 739 times)

legendary
Activity: 1316
Merit: 1000
I noticed recently the top miners on a couple of my SHA256 pools had very large hashrates but were not finding any blocks.

After looking further into the situation I am fairly confident they were cheating the pool. Somehow they are submitting lots of low difficulty shares. I have banned them and earnings are back to estimates. Today one of the cheats created another account which I also just banned.

Using Crypto-Expert's latest version of stratum-mining. Scrypt seems to be unaffected.

Just thought I would put it out there so other pool owners who use this version of stratum-mining are aware there is an issue.

I assume it has something to do with the diff1 setting. If anyone has any ideas what this could be changed to to stop this problems I would be most appreciative!

Have tried both:

diff1 = 0x00000000ffff0000000000000000000000000000000000000000000000000000

and

diff1 = 0x00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff
Jump to: