Ethereum has been one of the hardest hit cryptocurrencies during this year’s bear market. Its woes are nowhere near over as mining hardware has been targeted by hackers looking to cash in before prices plummet even further.
In a recent report tech based news outlet ZDnet revealed that hackers have unleashed a large scale scanning network designed to target Ethereum wallets and mining hardware. The campaign has been running for at least a week since December 3 according to cyber security researchers.
The target specifically is port 8545 which is the standard port for the JSON-RPC interface used by Ethereum wallets and mining hardware. The API interface allows locally installed apps and services to scan for fund related and mining data.
Some less secure wallets and mining machinery leave this interface exposed publicly via the port which can then be compromised. By default the interface does not have a password set and relies on the user configuring one. If left exposed hackers can exploit the port to access the interface and lift cryptocurrencies from the wallet.
This is not a new threat however as the Ethereum team issued a warning back in August about insecurely configured Ethereum clients. The recommendations included password protecting the interface or filtering traffic through the port using a firewall.
A number of mining rig vendors have already taken steps to mitigate the issue by removing the interface altogether or limiting usage of port 8545. There are still a lot of vulnerable Ethereum clients online however and the scans are ramping up.
According to Chinese cyber-security firm Qihoo 360 Netlab over $20 million in Ethereum at July’s exchange rate has already been stolen by one group. When crypto prices surged it was expected that scans and attacks would also be on the up.
Scan activity has tripled over the past week according to the cyber security firm. Further searches show that nearly 4,700 devices, mostly Geth mining equipment and Parity wallets, are currently exposing their 8545 port.
Cryptocurrency prices may be on the floor but that does not deter hackers from paying attention and seeking opportunities to grab some free loot.