0
0

[–] Ag47 [S] ago 

Per reports on ZDNet, crypto hackers are targeting Etherum wallet and mining equipment going through devices with an exposed port 8545, the standard port for the JSON-RPC interface — a programmatic API that sits on the local device and can be used to query for mining-related information.

Ethereum developers had warned users about the dangers of exposing the JSON-RPC interface when using mining equipment and Ethereum software, instructing users to enable a password for the interface or activate a firewall to filter internet traffic coming to the vulnerable port.

By design, the JSON-RPC interface doesn’t come with a default password. It’s dependent on users setting one, which they rarely do. For Ethereum wallets or mining equipment whose port is left exposed on the internet, hackers can send commands to the API and remotely transfer funds out of the wallets.

The report states that mining rigs producers and Ethereum wallet developers have done their bit to limit the damage caused by this problematic interface by warning users of the need to add a password. Others have gone the extreme route of removing the interface altogether, but since this wasn’t a united effort, the problem persists.