Despite being at its all time low in 18 months, hackers are still targeting Ethereum holders, trying to get as much ‘free’ profit as they can. Detections of these hackers or also called cryptojackers have reportedly tripled during the past week.
The reason behind the exploit is because there are users that are still ignorant of the threat or simply do not understand how to prevent it. It is just as how the Cyber Threat Alliance reported in September regarding issues of cryptojackers attempting to remotely control devices to steal cryptocurrency, saying: “Because this threat is relatively new, many people do not understand it, its potential significance, or what to do about it.”
A recent report from Bad Packets LLC, a cryptosecurity company, showed that there has been a rapid increase in hackers targeting mining rigs and wallets that have exposed port 8545. The port is a necessary part for wallets and mining hardware to remain connected to Ethereum blockchains. Once gained controlled, they will be able to redirect the funds mined by the hardware somewhere else.
The report wrote that the port 8545 is standardly used by JSON-RPC interface, which is common for most Ethereum wallets and software. The significant part about this detail is that the interface does not have a password set up by default, thus users must set up one by themselves. Ethereum core developers warned against the security hole back in 2015 and advised that users should set up a password of their own or apply a firewall that filters traffic.
However, it is apparent that many are still unaware of the problem when a Chinese cybersecurity firm called Qihoo 360 Netlab reported an operation ran by hackers that managed to steal ETH worth $20 million back in June.
Troy Mursch, the co-founder of Bad Packets, also described the current situation by saying: “Despite the price of cryptocurrency crashing into the gutter, free money is still free, even if it’s pennies a day.” It is truly unfortunate that the year 2018 has not only ended being a time where cryptocurrencies plummeted to its lowest, but also a year where hackers run wild in the market.