Ethereum Geth Vulnerability Allows Hackers to Steal $20M in ETH
More Than $20 Million In Ethereum Stolen Due To Geth's Vulnerability
A wallet address associated with hackers who search for vulnerable customers in Geth is now filled with over $20 million in ETH.
Clients who insecurely were running Geth -a command line interface program that runs the entire Ethereum network nodes- allowed more than $20 million in ETH to be stolen in recent months. This began when a cyber-security company noticed that hackers were scanning IP addresses to see if they had port 8545 open. The port is used by Geth to communicate with the Ethereum network.
If hackers found the port open, they could investigate it and determine whether the Geth client was configured insecurely or not. Normally, this port is open only locally and is not available for external internet. However, those who allowed the port to be open to the public were not so lucky.
When 360 Netlab reported the incident on Twitter, it was known that the hackers had only achieved about 3.96234 ETH. This is not much compared to other hacking scandals on blockchain platforms, but it could cost Geth's fame as a bad application and undo the confidence millions of people have in the currencies they have invested in, further reducing the price and market capitalization of the entire ecosystem.
So far this year, only in April it was reported worldwide that more than half a billion dollars in cryptos have gone to hackers. If this is your case and you are running Geth right now you should at least make sure that your listener is only listening locally and change the port to something else to make sure that you will not be detected by the scanners.
At press time, Cryptovest reports that criminals have 38,642.23856 ETH in their wallet, which amounts to more than 20 million dollars. All this happened since then because an alarming number of users ignore the fact that they should only allow geth to listen to port 8545 from localhost, or IP 127.0.0.1.