Bitcoin Forum
October 18, 2017, 10:01:22 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Please help - Hashing getting hijacked!  (Read 1024 times)
gauston
Newbie
*
Offline Offline

Activity: 13


View Profile
February 08, 2014, 09:48:12 PM
 #1


Hey All -

I'm obviously new to Bitcoin mining --- after researching I went in big -- and purchased a 500GH machine that runs via a Raspberry Pi device running MinePeon.  And it works great. However - after a few days I noticed that a new pool had been added and it was stealing ALL of my hashing - i.e. my money.

I kick him off, change the password and he comes back to add his pool about once per hour.  He's get on for about 10-15 minutes before I notice. So he's getting a nice chunk of my hashing time.

The machine is hosted at a local facility but The machine is NOT behind any firewalls -- and this is where I need your help and suggestions --
I have never set up a firewall before so absolutely any information or insight would be greatly appreciated.

What do you think of this firewall - I'm thinking of purchasing it.:
http://www.amazon.com/Cisco-Systems-Wireless-Security-RV215WAK9NA/dp/B00AHSNQNS/

Thank you all in advance -

~Gauston
1508320882
Hero Member
*
Offline Offline

Posts: 1508320882

View Profile Personal Message (Offline)

Ignore
1508320882
Reply with quote  #2

1508320882
Report to moderator
1508320882
Hero Member
*
Offline Offline

Posts: 1508320882

View Profile Personal Message (Offline)

Ignore
1508320882
Reply with quote  #2

1508320882
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508320882
Hero Member
*
Offline Offline

Posts: 1508320882

View Profile Personal Message (Offline)

Ignore
1508320882
Reply with quote  #2

1508320882
Report to moderator
1508320882
Hero Member
*
Offline Offline

Posts: 1508320882

View Profile Personal Message (Offline)

Ignore
1508320882
Reply with quote  #2

1508320882
Report to moderator
Rannasha
Hero Member
*****
Offline Offline

Activity: 728


View Profile
February 08, 2014, 10:22:04 PM
 #2

There are several possible causes for this, including:
- You have a keylogger on the system that you use to configure the miner. Every time you change the password, it's captured by the keylogger and sent to the attacker.
- The OS on the RPi has a security vulnerability that can be exploited.

You should first figure out how the attacker is gaining access. If it's through a keylogger on your system, then just slapping a firewall in front of the miner isn't going to do anything.
Evil-Knievel
Legendary
*
Offline Offline

Activity: 1008



View Profile
February 08, 2014, 10:25:08 PM
 #3

This message was too old and has been purged
gauston
Newbie
*
Offline Offline

Activity: 13


View Profile
February 09, 2014, 12:46:13 AM
 #4

The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.

The Butterfly miner that I purchased originally came with an android tablet interface - but the seller replaced that with this Raspberry Pi device because it works better. And it does, and I truly trust the seller - he has bent over backwards to get me up and mining --- as well as advice and an education.  I truly do not believe it is him.

As to the other poster - I do not have any keyboard or monitor hooked up to the miner or raspberry pi -- I bring a monitor and keyboard when I go to the NOC (Hosting facility) --

Basically - I'm looking for advice on how to set up a firewall device -- what Exactly to purchase and how to configure it.. Seriously - any suggestions or advice is welcome.

Thank you!
gauston
Newbie
*
Offline Offline

Activity: 13


View Profile
February 09, 2014, 12:55:17 AM
 #5

There are several possible causes for this, including:
- You have a keylogger on the system that you use to configure the miner. Every time you change the password, it's captured by the keylogger and sent to the attacker.
- The OS on the RPi has a security vulnerability that can be exploited.

You should first figure out how the attacker is gaining access. If it's through a keylogger on your system, then just slapping a firewall in front of the miner isn't going to do anything.

The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

--- I SHOULD MENTION - The Raspberry Pi device is attached to the ethernet cable straight from the cabinet -- there is no router / firewall currently. Just a static IP on one line ...
Basically - I'm looking for advice on how to set up a firewall device -- what Exactly to purchase and how to configure it.. Seriously - any suggestions or advice is welcome.

As to the other poster - I do not have any keyboard or monitor hooked up to the miner or raspberry pi -- I bring a monitor and keyboard when I go to the NOC (Hosting facility) --


Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.

The Butterfly miner that I purchased originally came with an android tablet interface - but the seller replaced that with this Raspberry Pi device because it works better. And it does, and I truly trust the seller - he has bent over backwards to get me up and mining --- as well as advice and an education.  I truly do not believe it is him.

Thank you!


Danglebee
Full Member
***
Offline Offline

Activity: 196


View Profile
February 09, 2014, 04:36:36 PM
 #6

hello

get 1ru linux server have 2 eth nic. turn into firewall. need change internal lan ip unless making transparent firewall.
i happy to help if need.

may-be plug usb ethernet nic into pi it have 2 ni. use for firewal? do not know it handle a lot bandwidth ? i think might.  may-be get another?

once decide firewall. make firewall rule so.
-allow you home work ip inbound in pi / miner. stateful
-allow device and pi any or specific require traffic outbound. stateful
-allow any other inbound if require? stateful
-deny all inbound
-deny all outbound

smoothrunnings
Hero Member
*****
Offline Offline

Activity: 560


View Profile
February 09, 2014, 07:46:24 PM
 #7

The biggest problem is if you have been using a standard password in the beginning as had the machine accessible globally via internet.
You will have to reset to factory settings as most probably you have malware on it.

Hi - The ORIGINAL SD Card with MinePeon installed did have the default password.  Once I was hacked (the first time) - I switched out an ENTIRELY NEW SD Card with MinePeon reinstalled -- with a VERY secure password (25 char+) --  The Hacker is back -- and seems to have broken that one too.


He hasn't broken it, he's just found another way in. He could have modified something in the OS, maybe a command that you are using that executes something that gives him access.
OliRS
Jr. Member
*
Offline Offline

Activity: 34


View Profile
February 14, 2014, 04:30:40 PM
 #8

My first thoughts were that the seller had added a backdoor or coded something into the RPi that is allowing him to access it and change the details. Could explain why he is being so helpful in getting you mining, so he can benefit too? Just a thought, but you said you swapped for a fresh install on a new SD.

Another thought, I would ditch Minepeon and switch to using Cgminer or Bfgminer and SSH to access your mining rig via the Pi. I would say that would be more secure. Minepeon could have an exploitable backdoor or something.

Tips: 1DQvR3MuzG6JRzJDvikS43dyYW9gQexnbL Smiley
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!