Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Think youâre working hard at making an extra income even while prices are down? If youâre not careful and donât heed the warnings about port 8545, you may just see all your ETH disappear overnight.
According to crypto-jacking and cybersecurity research firm Bad Packets, a mass-scan campaign is active at the moment. Hackers are on the lookout for internet-exposed Ethereum mining equipment and wallets.
Bad Packets Co-Founder Troy Mursch told ZDNet that this scanning campaign has actually been active for over a week, starting on December 3.
Scanning for Exposed Wallets and Mining Equipment
Hackers search the net for any devices that have port 8545 exposed on the internet. If youâre not sure what that is, itâs basically the standard port for the JSON-RPC interface of certain types of Ethereum mining equipment (particularly Geth) and Ethereum wallets.
This JSON-RPC interface is an API that allows locally-installed services and apps to find relevant mining and price related information.
For security reasons, the interface should, in theory, only be locally exposed. However, some mining equipment and wallet apps and make it available on all interfaces.
To add insult to injury, many of the JSON-RPC interfaces donât come with a default password. This means that if the user has failed to set one, the device is completely exposed.
Itâs easy money for the hacker. All they have to do is locate the wallet or mining equipment, send the right commands, and remove all the ethereum 00 from the victimâs address.
Port 8545 Is Not a New Problem
Ethereum has long been aware of the port 8545 issue and sent out a warning to all miners using Geth equipment back in 2015. They advised of the danger of using the type of equipment and also let Ethereum users know that this software exposes the API interface to the internet.
They also recommended that users took extra precautions by adding a password or using a firewall to block unwanted incoming traffic for port 8545.
The warning worked for some time, but memories are short in the crypto-sphere. While plenty of miners and wallet makers either took the appropriate precautions or removed the JSON-RPC interface completely, the effort wasnât industry-wide.
Moreover, thereâs more than one way to fall victim to vulnerabilities in the Ethereum network. Just last month, researchers found another major flaw that allowed hackers to drain exchanges by burning their ETH on high transaction costs.
Donât Let Ethereumâs Tanking Price Deceive You
Back in 2015, hackers scouring for ETH were not so prevalent, but when Ethereum reached giddy heights of over $1,300 in January 2018, plenty of high-profile hacking attacks began coming to light.
Among the worst of these happened in June 2018 when a scanner managed to amass over $20 million worth of Ethereum at the then-price of around $600.
Since the price has tanked with the altcoin seeing some 90% shaved off its value, the port 8545 issue has been buried in the background.
But donât let the low price deceive you. Even if ETH is trading at less than $100 these days, hackers are indiscriminate. They will still take a small amount from a lot of people and make a large profit over time. Said Mursch:
Despite the price of cryptocurrency crashing into the gutter, free money is still free, even if itâs pennies a day.
According to their Twitter account, Bad Packets found that the scan activity had actually tripled compared to last month despite the rock-bottom price.
Itâs thought that around 4,700 devices (most of which are Parity wallets and Geth mining equipment) are currently exposing their port 8545. Worse still? Hackers can even find free tools to exploit this vulnerability and attack Ethereum users through the port.
So if youâve been lax on your security or focusing all your attention on the price, just remember never to leave your back door (or your port 8545) completely wide open.
Will this vulnerability further hurt ETH price? Share your thoughts below!Â
Images courtesy of Shutterstock, Bad Packets LLC
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.