Wednesday, 13 September 2017

On 16:18 by admin   No comments
The Dutch security expert, Victor Gevers, managed to uncover at the end of August 2893 bithole miners who did not have a password set at the port through which the Telnet communication protocol connects through the Internet to the remote server.

Gevers, in a Bleeping Computer interview, said that all of these miners are processing transactions in the same mining fund, and they seem to belong to the same organization. "The owner of these facilities is most likely an organization that is supported or owned by the Chinese government," said Gevers, who based his claims on the information found on mining computers and their IP addresses.
With its own unique IP address consisting of a number sequence, each device connected to the Internet is allocated and can be uniquely identified by it.

The reaction came immediately

Gevers is also the chairman of the GDI Foundation, a nonprofit organization that seeks to make the Internet a much safer place. With his findings, he was about to turn to the organization in question to get a correction. However, this will no longer be necessary. It seems that one of them has noticed the Gevers tweet, in which he informed the incident, because most of the connected mines were immediately disconnected from Telnet, a remote access.
This vast network of miners is already profitable. According to a user who is quoted on Twitter as Quan, the network could come to more than a million dollars a day in case of mining another virtual currency, a bitcoin-based liteco.

Some computers were attacked

Gevers examined how long the mines were connected without protection. "I have some evidence that some other visitors were trying to install backdoor and malware on these devices," he said. Last week, Gevers told Twitter that someone was adding the miner he discovered to the Mirai botnet.
Botnets include computer networks and other devices connected to the Internet that have been infected with special software and are managed from a single center. Such a botnet exploits the devices involved, for example, to send spam or to attack the Internet. Specifically, the Mirai botnet in November last year caused 900,000 customers of the Deutsche Telekom Deutsche Telekom to remain without the Internet.


Post a comment