How can we prevent this attack from recurring?

Bitcoin Forum

May 04, 2024, 02:38:04 AM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Bitcoin Forum > Bitcoin > Mining > How can we prevent this attack from recurring?

Pages: [1]

« previous topic next topic »

Author

Topic: How can we prevent this attack from recurring? (Read 1222 times)

Cryddit (OP)

Legendary

Offline

Activity: 924
Merit: 1129

How can we prevent this attack from recurring?

August 13, 2014, 08:01:32 PM

http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/

1) Get access to a switch at an ISP (or, really, anywhere in the network fabric)
2) Divert mining getwork requests to the cracker's own pool server
3) Run a mining pool that none of the participants know they're in
4) Don't pay the participants.
5) Profit!

1714790284

Hero Member

Offline

Posts: 1714790284

Ignore

1714790284

1714790284


	Report to moderator

1714790284

Hero Member

Offline

Posts: 1714790284

Ignore

1714790284


	Report to moderator

Unlike traditional banking where clients have only a few account numbers, with Bitcoin people can create an unlimited number of accounts (addresses). This can be used to easily track payments, and it improves anonymity.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1714790284

Hero Member

Offline

Posts: 1714790284

Ignore

1714790284


	Report to moderator

DannyHamilton

Legendary

Offline

Activity: 3388
Merit: 4615

Re: How can we prevent this attack from recurring?

August 13, 2014, 08:28:43 PM

Quote from: Cryddit on August 13, 2014, 08:01:32 PM

Have miners sign the getwork reply?

azeteki

Member

Offline

Activity: 96
Merit: 10

esotericnonsense

Re: How can we prevent this attack from recurring?

August 13, 2014, 09:06:18 PM

Pretty much any boring auth method would work.

You don't need a CA or WoT even to gain a huge improvement on the current status quo.

See SSH 'known hosts'. After first connection, halt work and sound a bell / send e-mail to hardware owner if the key changes.

bitcoind-ncurses - esotericnonsense.com - PGP - old PGP

gmaxwell

Moderator
Legendary

Offline

Activity: 4158
Merit: 8382

Re: How can we prevent this attack from recurring?

August 13, 2014, 09:58:55 PM

BFGminer supports TLS and can do cert validation.

Or better, just run P2Pool. This sort of thing isn't a threat when you're not blindly selling your hashrate to third parties.

-ck

Legendary

Offline

Activity: 4102
Merit: 1631

Ruu \o/

Re: How can we prevent this attack from recurring?

August 15, 2014, 11:13:30 AM

TLS requirement is overkill. Simply preventing redirection to a URL from a different domain is enough to avoid it and has been successful at doing so for a while now. The report is for ancient versions of software that have long since provided protection against it. Mining is changing so rapidly that any news you read outside of these forums is long since ancient and irrelevant by the time it's published.

Developer/maintainer for cgminer, ckpool/ckproxy, and the -ck kernel
2% Fee Solo mining at solo.ckpool.org
-ck

Pages: [1]

Bitcoin Forum > Bitcoin > Mining > How can we prevent this attack from recurring?

« previous topic next topic »

Jump to: