Topic: How can we prevent this attack from recurring?
Cryddit
August 13, 2014, 08:01:32 PM
 #1

http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/

1) Get access to a switch at an ISP (or, really, anywhere in the network fabric)
2) Divert mining getwork requests to the cracker's own pool server
3) Run a mining pool that none of the participants know they're in
4) Don't pay the participants.
5) Profit!

DannyHamilton
August 13, 2014, 08:28:43 PM
 #2

http://www.secureworks.com/cyber-threat-intelligence/threats/bgp-hijacking-for-cryptocurrency-profit/

1) Get access to a switch at an ISP (or, really, anywhere in the network fabric)
2) Divert mining getwork requests to the cracker's own pool server
3) Run a mining pool that none of the participants know they're in
4) Don't pay the participants.
5) Profit!

Have miners sign the getwork reply?

azeteki
August 13, 2014, 09:06:18 PM
 #3

Pretty much any boring auth method would work.

You don't need a CA or WoT even to gain a huge improvement on the current status quo.

See SSH 'known hosts'. After first connection, halt work and sound a bell / send e-mail to hardware owner if the key changes.
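
The known-hosts approach suggested in the post above, as an added example that is not part of the thread or of any miner's code: it pins the SHA-256 fingerprint of the pool's TLS certificate on first connection and refuses to continue when the fingerprint later changes. The function names, pin-file layout and certificate bytes are assumptions made for illustration; a real client would pass the DER bytes from its TLS library (in Python, `SSLSocket.getpeercert(binary_form=True)`).

```python
import hashlib
import hmac
import json
import os
import tempfile


def fingerprint(cert_der: bytes) -> str:
    """Hex SHA-256 of the server certificate in DER form."""
    return hashlib.sha256(cert_der).hexdigest()


def _load(path):
    try:
        with open(path, encoding="utf-8") as f:
            return json.load(f)
    except FileNotFoundError:
        return {}  # no pins yet: every endpoint is a first use


def _save(path, pins):
    # Write to a temp file and rename, so a crash cannot leave a truncated pin file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        json.dump(pins, f, indent=1, sort_keys=True)
    os.replace(tmp, path)


def check_pool_key(path, host, port, cert_der):
    """Return 'first-use', 'match' or 'changed' for this pool endpoint."""
    endpoint = f"{host.lower().rstrip('.')}:{port}"  # normalise case and trailing dot
    seen = fingerprint(cert_der)
    pins = _load(path)
    pinned = pins.get(endpoint)
    if pinned is None:
        pins[endpoint] = seen  # trust on first use, like SSH known_hosts
        _save(path, pins)
        return "first-use"
    if hmac.compare_digest(pinned, seen):
        return "match"
    return "changed"  # the stored pin is deliberately NOT overwritten


def should_mine(path, host, port, cert_der, alert=print):
    """Halt work and notify the owner when the pinned key has changed."""
    if check_pool_key(path, host, port, cert_der) == "changed":
        alert(f"pool key for {host}:{port} changed; work halted")
        return False
    return True
```

As with SSH, the first connection is trusted blindly, so the pin only protects against a diversion that starts after the miner has seen the genuine pool once.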

gmaxwell
August 13, 2014, 09:58:55 PM
 #4

BFGminer supports TLS and can do cert validation.

Or better, just run P2Pool. This sort of thing isn't a threat when you're not blindly selling your hashrate to third parties.

Bitcoin will not be compromised
-ck
August 15, 2014, 11:13:30 AM
 #5

TLS requirement is overkill. Simply preventing redirection to a URL from a different domain is enough to avoid it and has been successful at doing so for a while now. The report is for ancient versions of software that have long since provided protection against it. Mining is changing so rapidly that any news you read outside of these forums is long since ancient and irrelevant by the time it's published.

Developer/maintainer for cgminer and ckpool/ckproxy.
ZERO FEE Pooled mining at ckpool.org, 1% Fee Solo mining at solo.ckpool.org