Bad Packets Cryptojacking Report on Port 8545 Hack: Ethereum Hackers Target Mining Rigs, Wallets

In a talk with ZDNet, the Co-Founder of Bad Packets, Troy Mursch, warned miners and investors of Ethereum of the spike in hackers of internet-exposed Ethereum mining equipment and wallets. Bad Packets is a cryptocurrency related firm that deals with crypto jacking, hacks and the security of crypto wallets. The latest report from the firm showed a spike in the hack scans made on port 8545 to steal internet exposed Ether as of December 3^rd 2018.

According to the cybersecurity firm, the attackers target the port 8545 which is the standard port for the JSON-RPC interface. The JSON-RPC interface is a locally installed program API that is used by a number of miners and wallets to provide access to funds. Chart showing the scans for port 8545 in the past month (Bad Packets Twitter)

"Attackers are scanning for devices with port 8545 exposed online. This is the standard port for the JSON-RPC interface of many #Ethereum wallets and mining equipment."https://t.co/PCee6kktYN

— Bad Packets Report (@bad_packets) December 11, 2018

The interface also enables users to access funds-related information and the mining Ethereum. As much as the interface is set to be local, some wallets and exchanges allow for availability across all platforms. This is the issue at hand in the last few days as the interface does not come with a password and requires the user to set the password.

The report urged miners to be cautious of leaving their port 8545 exposed as it puts them at risk of hacking. Furthermore, miners should encrypt the ports with a password or remove the interface completely to be safe. Failure to do this puts the investors ETH at risk of being stolen by the attackers.

The Recurring Port 8545 Issue

The current problem being faced by Ethereum is not the only case of hackers targeting port 8545. Back in 2015, Ethereum development team offered a warning to its holders to keep their wallets and miners safe by encrypting the JSON-RPC interface. As is with the crypto market, most of the holders ignored the warning leaving their funds unprotected.

Image by ZeroBS

The low price of Ether at the time discouraged most investors from taking the necessary precautions. However, as the price continued to sky rocket to heights not seen before in 2017, the scans by attackers increased. Attacks in November 2017, and several months this year has left many investors complaining on their lost investments.

In one case in June this year, Chinese cyber-security firm Qihoo 360 Netlab said that one particular group behind these scans stole Ethereum worth over US$20 million while ETH traded at US$600.

Further Reports On The Ethereum Port 8545 Hack

Despite the continued bear run on Ethereum that sees the coin trade below US$90 for the first time since June May 2017, the scans by hackers have tripled in the last week. According to ICS SANS project there are nearly 4,600 devices that are at risk of hacking even during the price turmoil seen.

Users should protect their funds despite the low prices as these hackers are willing to steal even the littlest of amounts. Anyway, it’s free money for them.