The first half of June has seen a series of high profile attacks rock the cryptocurrency ecosystem, with the recent South Korean exchange Coinrail hacked to the tune of around $40 million and ZenCash targeted by a successful 51% attack.
One of the most successful hacks of 2018 didn't occur with a bang, but with a whisper - the discrete siphoning of over $20 million in ETH from poorly-configured Ethereum nodes.
Hackers have succeeded in stealing over $20 million by hijacking insecure Ethereum nodes - an issue that was highlighted in March this year by Chinese security giant Qihoo 360, who notably raised concerns recently regarding the security of the soon-to-launch EOS blockchain.
Someone tries to make quick money by scanning port 8545, looking for geth clients and stealing their cryptocurrency, good thing geth by default only listens on local 8545 port.
Qihoo 360 attempted to alert the Ethereum community several months ago, warning users of the Geth Ethereum client that malicious parties were scanning port 8545 - the default listening port for the client.
At the time of the report, hackers had only captured a little under 4 ETH for their effort, resulting in these warnings being largely ignored by the Ethereum community.
6 ETH haul - worth over $18 million at the time of this report.
The wallet associated with the hackers, to which all of the siphoned ETH has been sent, has received roughly 5,000 transactions to date, with an average transaction amount of around 7 ETH. This entire haul was accumulated simply by scanning the internet for Geth users that left their JSON-RPC port 8545 open to the world and hijacking their wallets.
Almost three years ago, the Ethereum project issued a security alert regarding the high risk associated with insecurely configured Ethereum clients with no firewall, specifically mentioning the built-in security placed on the JSON-RPC interface.
According to 360, scanning attempts on port 8545 have now increased dramatically as a result, with copycat hackers moving in on weak targets.
Hackers Scoop $20 Million in ETH From Exposed Ethereum Nodes
Published on Jun 13, 2018
by Cryptoslate | Published on Coinage
Coinage
Mentioned in this article
Recent News
View All
First Mover: What's Next for Bitcoin as Wall Street Gets Vaccine Booster
Bitcoin was higher for a second day, staying in a range of between roughly $15,200 and $15,600, as news of progress in developing a coronavirus vaccine appeared to touch off a rally in U.S. stocks.
Market Wrap: Bitcoin Fails to Break $15.9K; Over 50K ETH Staked on Eth 2.0 Contract
Bitcoin gained Wednesday while Ethereum 2.0 staking has been ramping up.
Citibank Analyst Says Bitcoin Could Pass $300K by December 2021
A senior analyst at U.S.-based financial giant Citibank has penned a report drawing on similarities between the 1970s gold market and bitcoin.
Blockchain Bites: Data Unions. Hard Forks. And One Citi Analyst's Case for $300K BTC.
A Citibank managing director thinks bitcoin could hit $318,000.