Slashdot Mirror


Nearly 3,000 Bitcoin Miners Exposed Online Via Telnet Ports, Without Passwords (bleepingcomputer.com)

An anonymous reader quotes a report from Bleeping Computer: Dutch security researcher Victor Gevers has discovered 2,893 Bitcoin miners left exposed on the internet with no passwords on their Telnet port. Gevers told Bleeping Computer in a private conversation that all miners process Bitcoin transactions in the same mining pool and appear to belong to the same organization. "The owner of these devices is most likely a state sponsored/controlled organization part of the Chinese government," Gevers says, basing his claims on information found on the exposed miners and IP addresses assigned to each device. "At the speed they were taken offline, it means there must be serious money involved," Gevers added. "A few miners is not a big deal, but 2,893 [miners] working in a pool can generate a pretty sum." According to a Twitter user, the entire network of 2,893 miners Gevers discovered could generate an income of just over $1 million per day, if mining Litecoin.

43 comments

  1. TELNET???? by NoNonAlphaCharsHere · · Score: 0

    Crap, I hope nobody port scans the Kermit server I'm running.

    1. Re:TELNET???? by networkBoy · · Score: 0

      I use telnet extensively in my internal network.
      Dead simple interface, capable of moving complex data as JSON or MIME64 strings.

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    2. Re:TELNET???? by NoNonAlphaCharsHere · · Score: 1

      NAUGHTY!
      Bad networkBoy! Bad!
      Even on a local network, rsh and friends aren't quite as pants-around-your-ankles as telnet is; but there's really no excuse for having an Internet-facing machine running telnet in this day and age. ssh exists for a reason, and even that has issues, as we've seen. If you're gonna run old-coot UUCP-era technology, you're gonna get pwned.

    3. Re: TELNET???? by Anonymous Coward · · Score: 2, Interesting

      Uh, hate to break this to you but ALL modern non-commodity currencies are "made up of thin air" if you THINK about it.

      Do you think a few pieces of green paper are really a fair trade for a hamburger without that "magic" quality?

      Why should bitcoin be any different than the ephemeral value of the fanciful and invented concept of the "dollar"?

    4. Re: TELNET???? by MightyMartian · · Score: 2

      All currencies are effectively made up out of thin air. Gold has no greater intrinsic value than, say, iron or salt. People have simply ascribed a great deal of value to it due to relative scarcity, but it isn't as if gold was historically so important that civilization would have fallen if it had been rarer. It would certainly make many modern processes and products more expensive, of course, but we extract one helluva lot of gold nowadays in comparison to what mining was able to do prior to the Industrial Revolution.

      The value of currencies over time has largely been arbitrary at their root. The gold standard could just as easily have been the salt standard. What counted wasn't the intrinsic value of gold, it was that large numbers of people throughout the known world essentially agreed at both the macro and micro economic levels that it was a good way to store and exchange value.

      And really, what does a stockpile of gold really mean? A currency simply based on how many precious metals you have in a vault is pretty darned unrepresentative of the overall activity of an economy. A fiat currency isn't perfect, but by pegging the value of the currency in some way to actual economic activity, rather than simply to how much gold or silver or other precious metal a particular government can accumulate, seems far better.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    5. Re: TELNET???? by Anonymous Coward · · Score: 0

      Screw telnet, use netcat and just send the kitchen sink

    6. Re:TELNET???? by Anonymous Coward · · Score: 0

      Is Twitter an idiot? How do you mine Litecoin with Bitcoin miners? Scrypt vs SHA?

    7. Re:TELNET???? by Anonymous Coward · · Score: 0

      They're 25MH scrypt units. The article is just ridiculously bad

    8. Re: TELNET???? by Anonymous Coward · · Score: 0

      Gold: Limited supply. Find it, dig it up, lock it up, trade it and/or shiny.

      Bitcoin takes something to make it: Power, cpu, networking, time, hardware, some oversight.

    9. Re:TELNET???? by networkBoy · · Score: 1

      who said internet facing? ;)

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  2. Telnet passwords by nuckfuts · · Score: 1

    aren't secure anyway, being transmitted in plain text. That's why we have SSH.

    1. Re:Telnet passwords by Anonymous Coward · · Score: 1

      Just because the password can be overheard doesn't mean there shouldn't be one.

    2. Re:Telnet passwords by Anonymous Coward · · Score: 0

      we always used challenge response over telnet.

    3. Re: Telnet passwords by Anonymous Coward · · Score: 0

      Do you mean like 'are you over 18?'

    4. Re:Telnet passwords by Anonymous Coward · · Score: 0

      aren't secure anyway, being transmitted in plain text. That's why we have SSH.

      No, we have SSH because securing telnet is too obscure and complicated (Hint: kerberos integration). It needs infrastructure set up and SSH works out of the box if you don't mind the host keys verification.

  3. Telnet in 2017 by manu0601 · · Score: 4, Informative

    It is weird to see new devices with telnet enabled. SSH has been reliable technology for quite some time.

    1. Re:Telnet in 2017 by Anonymous Coward · · Score: 0

      In the communist NK, older technology is newer.

    2. Re:Telnet in 2017 by Anonymous Coward · · Score: 0

      SSH increases code complexity, which might add a few cents to the cost of each device, and (gasp) we can't have that.

  4. Re:Telnet can be more secure than SSH by Anonymous Coward · · Score: 0

    $1mil per day: assuming you can find someone who wants to buy $1m worth of bit/lite/chigga-wigga-whatevercoin per day.

  5. the news here.. by Anonymous Coward · · Score: 0

    which shouldn't be a surprise to anyone.. the chinese government (and you know it's them that's controlling this farm if it's located there) is mining the fuck out of currencies. for this one farm that was 'found', there's no doubt many more; probably hundreds at least as large as this one.

  6. Re: Telnet can be more secure than SSH by Anonymous Coward · · Score: 0

    Which you can't.
    The Chinese government most likely is simply trying to amass enough coins and miners to where they can effectively control the new currencies.

  7. Re:Telnet can be more secure than SSH by Kaenneth · · Score: 3, Insightful

    2.5 billion dollars of bitcoin changed hands in the last 24hrs, and 1.7 billion in Litecoin.

    Moving a single million is not difficult.

  8. Wrong Title by Anonymous Coward · · Score: 0

    Wrong title from source, the article specifies the model of Litecoin (Scrypt) miners with a respectable but below average 30 mega hash per second. Not 3000 Bitcoin miners.

  9. Re:Telnet can be more secure than SSH by sheramil · · Score: 0

    I wish people would stop saying bitcoins and litecoins are worth millions, if they can't be exchanged for anything of worth.

    Coming into the possession of an ancient lead coffin - after discarding the contents - I have formed a number of leaden lozenges. These, stamped with appropriate seals and runes, I declare to be worth five hundred thousand dollars each.

    Funny thing is, nobody wants to buy them.

  10. Re:Telnet can be more secure than SSH by MightyMartian · · Score: 2

    Christ, Telnet is completely unencrypted, so it is completely vulnerable to anyone who can intercept the packets. While it's true that you could transmit encrypted traffic over Telnet, one would presume you would be using the same encryption libraries that are being used by, say, SSH or a VPN host or client, and it is by and large in those libraries that the vulnerabilities lie.

    I stopped using Telnet a long time ago, and it is disabled on any production machine, and the firewalls outright block the port, just in case I miss disabling it on some external-facing host.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  11. Targets? by Anonymous Coward · · Score: 0

    So should I not have changed their target wallet to my own, then?

  12. According to a Twitter user... by Anonymous Coward · · Score: 0

    or an income of just over 6 million yuanbao per day if mining dogecoin.

  13. Re:Telnet can be more secure than SSH by Anonymous Coward · · Score: 1

    You... You are not well informed.

    The sum here ($1M) is trivial in the bitcoin world, more than 2000x that was traded in the last day.

    As for value, my miners mine the most profitable scrypt coin available at the time, then automatically trade it on the exchanges, then deposit the coins in a coinbase account, which could automatically convert them to fiat (that's dollars, btw). My miners bring in about $700/day, sometimes a little more, sometimes a little less. It costs me $608 to power them for a month. The value is very definitely observable to me, it's having a second income but not having to do anything to get it.

    That said, the summary is confusing - bitcoin miners generally don't mine litecoin, so it's not clear where the $1M/day comes from

  14. Re: Telnet can be more secure than SSH by Anonymous Coward · · Score: 0

    By miners how many and what specs? PC or ASIC setups? Just curious as I plan to build a small server farm.

    likewhoa

  15. News by Ebsolas · · Score: 1

    Wow TELNET has been in the news a lot lately.

    1. Re:News by Anonymous Coward · · Score: 0

      Telnet is the new bitcoin

  16. Re:According to some ignorant twit... by Zontar The Mindless · · Score: 1

    or an income of just over 6 million yuanbao per day...

    Now that's a funny mental image...

    Oh. You've absolutely no idea what a yuanbao is, do you? And neither does your Twitter buddy, evidently.

    Anyhow, thanks for the chuckle.

    --
    Il n'y a pas de Planet B.
  17. Re:Telnet can be more secure than SSH by goose-incarnated · · Score: 1

    assuming you can find someone who wants to buy $1m worth of bit/lite/chigga-wigga-whatevercoin per day.

    2.5 billion dollars of bitcoin changed hands in the last 24hrs, and 1.7 billion in Litecoin.

    Moving a single million is not difficult.

    Parent didn't ask about moving bitcoin, parent asked about selling them (a subset of moving them). It's perfectly possible to move 2.5b worth of Bitcoin around without a single one of them getting changed for dollars.

    --
    I'm a minority race. Save your vitriol for white people.
  18. Re: Telnet can be more secure than SSH by Megol · · Score: 1

    Why would they? They are more interested in making real money.

  19. "can generate a pretty sum" - No! by Anonymous Coward · · Score: 0

    "2,893 [miners] working in a pool can generate a pretty sum"
    Can convert a large amount of electricity to a pretty sum. It's not generated, it's just a very poor conversion of money into another kind of money. The only way to really make money is to steal the power... which most of them do.

  20. pedophile alert by Anonymous Coward · · Score: 0

    in gravatai morada do vale 1 rio grande do sul brazil there's a criminal organization that uses bitcoin to operate, they work with drug smuggling and child prostitution, the local police force is involved, crooked politicians are also involved, like yeda dilma and maria do rosario

  21. Re:Telnet can be more secure than SSH by Anonymous Coward · · Score: 0

    Out of interest.. what sort of setup allows you to mine $700/day? What would a setup like that cost (setup cost not electricity cost)?

  22. Re:Telnet can be more secure than SSH by Troed · · Score: 1

    Of course bitcoin can be exchanged for anything of worth. This is obvious to anyone who does a few minutes of research into the subject.

    The question then naturally becomes, why do you claim differently when you obviously haven't done that research? What purpose does your post serve?

    (20% of all remittance between South Korea and the Philippines is done via Bitcoin. Overstock are extremely happy with their sales in bitcoin. Those were two examples of actual use - I'll let you find all the rest yourself)

  23. Fake exaggerated news by Anonymous Coward · · Score: 0

    This article and all the reposted/rewritten variants now spreading around just make it painfully obvious that the writers (and editors if they exist) have an extremely limited grasp of how cryptocurrency actually works. It also shows a complete lack of verification of the article - just whack some text together based on a handful of Twitter posts, click publish and bam! You've now become a leading edge cryptocurrency reporter!

    Getting down to the facts the units mentioned in the article are *NOT* Bitcoin miners (sha256), but rather Litecoin miners (scrypt). They are old first/second gen 25MH units, so not very efficient but that's not much of a concern with subsidized power. Crunching the numbers correctly shows a different picture:

    2893 * 25MH = 72.32GH

    72.32GH on a Litecoin pool directly:
    24 hours 54.44504517 LTC 4411.68 USD
    7 days 381.11531616 LTC 30881.77 USD
    30 days 1633.35135498 LTC 132350.46 USD

    72.32GH on Nicehash selling scrypt power is much more profitable though:
    Past 24 hours 1.33988376 BTC (6237.16 USD)
    Past 7 days 9.23010895 BTC (42966.16 USD)
    Past 30 days 48.79039546 BTC (227119.29 USD)

    Correct me if I'm wrong but $6,237/day is a little bit less than a million dollars per day. Of course, an article about the chance to steal $1mil/day is much more likely to receive traffic than an article about stealing $6k/day.

  24. Re:Telnet can be more secure than SSH by Anonymous Coward · · Score: 0

    assuming you can find someone who wants to buy $1m worth of bit/lite/chigga-wigga-whatevercoin per day.

    2.5 billion dollars of bitcoin changed hands in the last 24hrs, and 1.7 billion in Litecoin.

    Moving a single million is not difficult.

    Parent didn't ask about moving bitcoin, parent asked about selling them (a subset of moving them). It's perfectly possible to move 2.5b worth of Bitcoin around without a single one of them getting changed for dollars.

    And it is also perfectly possible to move the dollar amounts in question ($1m) as well.

    I was in a thread recently where several people were fighting this point, I don't really understand where the sentiment comes from, the data, volume and order books are right on the exchanges. Is there some documentary or something that says otherwise?