• Loading ticker data...
Coin Prices →
Altcoin News

Hackers reportedly plunder $20 million USD from insecure Ethereum nodes

Chinese security agency Qihoo 360 has claimed that a three-year-old security issue present in some Ethereum nodes has resulted in a malicious theft of over $20 million USD in Ether.

Written by Bryan Smith Published on

Chinese security agency Qihoo 360 flagged concerns surrounding EOS’ blockchain earlier this year – and now the agency has warned that hackers may have made off with approximately $20 million USD in Ether as the result of theft from insecure network nodes.

Three years ago, Ethereum developers issued a security alert diagnosing a vulnerability within incorrectly configured Ethereum clients – specifically highlighting security placed on its JSON-RPC interface.

Earlier this year, the Qihoo 360 first warned users that malicious parties had begun scanning the same JSON-PRC port – 8545 – of the Geth Ethereum client in an attempt to plunder profits. At the time of the tweet, hackers had managed to make off with 3.96234 ETH.

Unfortunately, many node operators remained oblivious to the warnings – and now a wallet address associated with the same group bears a total of 38,642 ETH. The same wallet address shows an average transaction amount of as much as 7 ETH.

As Qihoo 360 notes, the theft has been achieved by simply scanning Ethereum nodes that had left JSON-RPC port 8545 open.

According to the Chinese security agency, copycat hackers have since similarly targeted network nodes using the same approach – effectively giving a three-year-old issue a new lease on life.

As the Ethereum community noted then, node operators have been urged to only run the default settings for each client they maintain.

Ethereum is down -1.70% day-on-day, and presently trades at $487.83 USD.

Written by

South African technology journalist, podcaster, photographer and filmmaker. Hodling - BTC, NEO, ETH.@bryansmithsa

Related Articles