Nearly 3,000 Bitcoin Miners Exposed Online Via Telnet Ports, Without Passwords (bleepingcomputer.com) 43
An anonymous reader quotes a report from Bleeping Computer: Dutch security researcher Victor Gevers has discovered 2,893 Bitcoin miners left exposed on the internet with no passwords on their Telnet port. Gevers told Bleeping Computer in a private conversation that all miners process Bitcoin transactions in the same mining pool and appear to belong to the same organization. "The owner of these devices is most likely a state sponsored/controlled organization part of the Chinese government, " Gevers says, basing his claims on information found on the exposed miners and IP addresses assigned to each device. "At the speed they were taken offline, it means there must be serious money involved," Gevers added. "A few miners is not a big deal, but 2,893 [miners] working in a pool can generate a pretty sum." According to a Twitter user, the entire network of 2,893 miners Gevers discovered could generate an income of just over $1 million per day, if mining Litecoin.
TELNET???? (Score:1)
Re: (Score:1)
I use telnet extensively in my internal network.
Dead simple interface, capable of moving complex data as JSON or MIME64 strings.
Re: (Score:2)
Bad networkBoy! Bad!
Even on a local network, rsh and friends aren't quite as pants-around-your-ankles as telnet is; but there's really no excuse for having an Internet-facing machine running telnet in this day and age. ssh exists for a reason, and even that has issues, as we've seen. If you're gonna run old-coot UUCP-era technology, you're gonna get pwned.
Re: (Score:2)
who said internet facing? ;)
Re: (Score:2, Interesting)
Uh, hate to break this to you but ALL modern non-commodity currencies are "made up of thin air" if you THINK about it.
Do you think a few pieces of green paper are really a fair trade for a hamburger without that "magic" quality?
Why should bitcoin be any different than the ephemeral value of the fanciful and invented concept of the "dollar"?
Re: (Score:3)
All currencies are effectively made up out of thin air. Gold has no greater intrinsic value than, say, iron or salt. People have simply ascribed a great deal of value to it due to relative scarcity, but it isn't as if gold was historically so important that civilization would have fallen if it had been rarer. It would certainly make many modern processes and products more expensive, of course, but we extract one helluva lot of gold nowadays in comparison to what mining was able to do prior to the Industrial
Telnet passwords (Score:2)
Re: (Score:1)
Just because the password can be overheard doesn't mean there shouldn't be one.
Telnet in 2017 (Score:5, Informative)
Re: (Score:2)
Why would they? They are more interested in making real money.
Re:Telnet can be more secure than SSH (Score:4, Insightful)
2.5 billion dollars of bitcoin changed hands in the last 24hrs, and 1.7 billion in Litecoin.
Moving a single million is not difficult.
Re: (Score:1)
I wish people would stop saying bitcoins and litecoins are worth millions, if they can't be exchanged for anything of worth.
Coming into the possession of an ancient lead coffin - after discarding the contents - I have formed a number of leaden lozenges. These, stamped with appropriate seals and runes, I declare to be worth five hundred thousand dollars each.
Funny thing is, nobody wants to buy them.
Re: (Score:1)
You... You are not well informed.
The sum here ($1M) is trivial in the bitcoin world, more than 2000x that was traded in the last day.
As for value, my miners mine the most profitable scrypt coin available at the time, then automatically trade it on the exchanges, then deposit the coins in a coinbase account, which could automatically convert them to fiat (that's dollars, btw). My miners bring in about $700/day, sometimes a little more, sometimes a little less. It costs me $608 to power them for a month. The
Re: (Score:2)
Of course bitcoin can be exchanged for anything of worth. This is obvious to anyone who does a few minutes of research into the subject.
The question then naturally becomes, why do you claim differently when you obviously haven't done that research? What purpose does your post serve?
(20% of all remittance between South Korea and the Philippines is done via Bitcoin. Overstock are extremely happy with their sales in bitcoin. Those were two examples of actual use - I'll let you find all the rest yourself)
Re: (Score:2)
assuming you can find someone who wants to buy $1m worth of bit/lite/chigga-wigga-whatevercoin per day.
2.5 billion dollars of bitcoin changed hands in the last 24hrs, and 1.7 billion in Litecoin.
Moving a single million is not difficult.
Parent didn't ask about moving bitcoin, parent asked about selling them (a subset of moving them). It's perfectly possible to move 2.5b worth of Bitcoin around without a single one of them getting changed for dollars.
Re: (Score:3)
Christ, Telnet is completely unencrypted, so it is completely vulnerable to anyone who can intercept the packets. While it's true that you could transmit encrypted traffic over Telnet, one would presume you would be using the same encryption libraries that are being used by, say, SSH or a VPN host or client, and it is by and large in those libraries that the vulnerabilities lie.
I stopped using Telnet a long time ago, and it is disabled on any production machine, and the firewalls outright block the port, ju
Re:According to some ignorant twit... (Score:2)
or an income of just over 6 million yuanbao per day...
Now that's a funny mental image...
Oh. You've absolutely no idea what a yuanbao [wikipedia.org] is, do you? And neither does your Twitter buddy, evidently.
Anyhow, thanks for the chuckle.
News (Score:1)