
Hackers have successfully stolen as much as $20 million in ETH from misconfigured Ethereum clients, according to reports.

In a new report, China-based cybersecurity company Qihoo 360 Netlab detailed how hackers managed to breach Ethereum-based applications and mining rigs, which have been configured to expose a Remote Procedure Call (RPC) interface.

The interface in question, on port 8545, is designed to allow integration with APIs from third-party services and to let apps interact with other Ethereum services. In performing this function, an exposed RPC interface creates an opening that the hackers have used to find private keys, to gain direct access to funds, and to gain access to the owner’s personal data, according to experts at the cybersecurity firm.

The interface is switched off by default in most Ethereum-based apps, and there is often a warning not to switch it on without appropriate additional security measures. However, users commonly customise settings in Ethereum apps, often without the required depth of knowledge, and a number of clients have been left exposed as a result, leading to this latest theft of ETH.

The issue is far from new. The Ethereum Project has issued official guidance to those running Ethereum mining rigs, highlighting that their funds were open to theft without adequate additional security.

Despite these warnings, the issue has persisted, and developers continue to misconfigure devices and apps without fully appreciating the risks.
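
A defensive check for the misconfiguration described above, as an added example that is not from the article or from Qihoo 360 Netlab: it audits a node's launch command for an RPC listener bound beyond loopback. It assumes the client is Geth and uses Geth's flag names (legacy `--rpc*` and current `--http*`); the sample command lines are constructed.

```python
import ipaddress
import shlex

# Geth flag names, legacy and current spellings (the choice of client is an assumption).
ENABLE, ADDR = {"rpc", "http"}, {"rpcaddr", "http.addr"}
PORT, API = {"rpcport", "http.port"}, {"rpcapi", "http.api"}
RISKY_APIS = {"personal", "admin", "miner", "debug"}  # account and node management

def parse_flags(cmdline):
    """Turn a command line into {flag: value}; bare flags map to ''."""
    flags, tokens, i = {}, shlex.split(cmdline), 1  # index 0 is the executable
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("-"):
            if "=" in tok:
                name, value = tok.split("=", 1)
            elif i + 1 < len(tokens) and not tokens[i + 1].startswith("-"):
                name, value, i = tok, tokens[i + 1], i + 1
            else:
                name, value = tok, ""
            flags[name.lstrip("-")] = value
        i += 1
    return flags

def is_loopback(addr):
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unresolved hostname: treat as exposed

def audit(cmdline):
    """Return findings for one node command line; an empty list means no exposure."""
    f = parse_flags(cmdline)
    if not any(n in f and f[n].lower() != "false" for n in ENABLE):
        return []  # RPC is off, which is the default
    addr = next((f[n] for n in ADDR if n in f), "localhost")
    port = next((f[n] for n in PORT if n in f), "8545")
    apis = next((f[n] for n in API if n in f), "")
    findings = []
    if not is_loopback(addr):
        findings.append(f"RPC listens on {addr}:{port}, reachable beyond this host")
        risky = sorted(RISKY_APIS & {a.strip() for a in apis.split(",")})
        if risky:
            findings.append("account/management APIs exposed: " + ",".join(risky))
    return findings

if __name__ == "__main__":
    for line in ["geth --rpc --rpcaddr 0.0.0.0 --rpcapi eth,net,web3,personal"]:  # constructed
        print(line, "->", audit(line))
```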

Hackers have been intensifying efforts to scan for exposed ports, with a surge in activity around November 2017 in scanning for devices running on port 3333.

However, with the majority of applications running their RPC on port 8545, Qihoo 360 Netlab has now found evidence of a growth in the number of scans specifically looking to take advantage of this exploit: “If you have honeypot running on port 8545, you should be able to see the requests in the payload, which has the wallet addresses…And there are quite a few IPs scanning heavily on this port now.”

With automated scanning and hacking tools becoming ever more sophisticated, it’s up to developers to make sure they don’t become the latest victims of this increasingly prevalent attack.
