Major Bitcoin mining hardware producer Bitmain can remotely shut down almost all active Antminer machines. Dubbed the “Antbleed” backdoor, abuse of the vulnerability could probably knock half of all hash power on the Bitcoin network offline, with little more than the press of a button.

“Even if Bitmain had no bad intent, this is a gaping security hole,” said our source, who discovered the backdoor but asked to remain anonymous.

The backdoor code can be seen on Pastebin and on GitHub, and now a website has been put up for Antbleed as well.

How It Works

The Antbleed backdoor is “stupid simple,” as our source described it.

Whenever an Antminer appears online, and once every 1 to 11 minutes, it contacts a “port 7000 service” on the domain auth.minerlink.com, which is owned by Bitmain. The domain currently does not connect to any IP address, and therefore does nothing.

However, the domain could in the (near) future start connecting to a corresponding IP address. If that happens, it will report the Antminer’s serial number as well as the MAC address and the IP address to Bitmain. This could be enough for the company to link the machine to a specific user.

“Bitmain can use this information to cross check against customer sales and delivery records making it personally identifiable,” our source explained. “And Bitcoin mining is a small industry, so it shouldn’t even be hard to connect the machines to specific pools, or blocks.”

Once connected, the server the Antminer connects to — Bitmain’s server — sends a message back. If that message is “true”, the machine will continue mining.
But if that message is “false”, the code produces a piece of text that reads: “Stop mining!!!”

It seems obvious that this piece of text would make the machine stop mining, which is indeed confirmed by our source. Additionally, it can be verified by anyone with an affected miner; antbleed.com explains how.

All this can be verified, since the backdoor is embedded in open source code. In fact, it seems rather strange Bitmain would include such a backdoor “out in the open”, for anyone to see.

Speaking to Bitcoin Magazine, Bitcoin Core developer Peter Todd, who was quick to comment on the matter on Twitter and Reddit, suggested:

“Bitmain probably underestimated how much source code actually does get audited — it's a common myth that code never gets read. Also, if you're going to add a backdoor, you do want plausible deniability in case it does get found. Hiding in plain sight, among thousands of lines of undocumented code, helps. Perhaps Bitmain will claim this is actually a feature.”

What It Affects

The backdoor probably affects most Antminers in use today: the S9, the T9, the R4, as well as Litecoin’s L3.

The commit date indicates the backdoor was introduced in July 2016. This is one month after the first S9 machines were shipped. All machines that shipped since July 2016 should have the backdoor on board, which means they can be shut down by Bitmain. Machines that were shipped before July 2016, but have been updated since, should be vulnerable, too.

“It’s hard to say with certainty how much hash power on the Bitcoin network is subject to the vulnerability,” our source said.
“But since Bitmain is by far the market leader for hardware machines, it’s not a stretch to attribute at least half of all hash power to the vulnerable machines. As such, Bitmain could potentially shut down an enormous part of Bitcoin’s hash power with the push of a button. In addition to that, the company can target specific machines or customers.”

And it’s not only Bitmain who could shut down the machines. Because the connection is unauthenticated, the code will connect to anything that appears like “auth.minerlink.com”, which can be spoofed by certain third parties. Apart from Bitmain, it could, for example, be an internet service provider, anti-DoS service CloudFlare (used by Bitmain), or anyone who can hijack DNS records: rogue ICANN employees, hackers, the U.S. government, and more.

“The nicest possible explanation is that Bitmain is incompetent at security, putting the whole Bitcoin network at risk,” Todd concluded. “But given the history we have of miners threatening with attacks, it wouldn't surprise me if this was added as a last resort option for shutting down competitors if they needed to push something through with hashing power.”

This story will be updated as more news becomes available.

Bitcoin Magazine reached out to Bitmain for comments, but received no official reply at time of publication. The identity of our source is known to us and considered to be reliable.

The post Bitmain Can Remotely Shut Down Your Antminer (and Everyone Else’s) appeared first on Bitcoin Magazine.
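
A defender's view of the check-in described under "How It Works", as an added example that is not from the article or from Bitmain's code: it scans network logs for miners that look up auth.minerlink.com and for allowed connections to port 7000, then classifies each host. The log format, the addresses and the status labels are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

CHECKIN_HOST = "auth.minerlink.com"  # domain named in the article
CHECKIN_PORT = 7000                  # port named in the article
# Constructed sample log in a hypothetical "time kind source target result" format.
SAMPLE_LOG = """\
2017-04-26T10:00:00Z dns 10.0.5.21 auth.minerlink.com NXDOMAIN
2017-04-26T10:04:30Z dns 10.0.5.21 auth.minerlink.com NXDOMAIN
2017-04-26T10:01:00Z dns 10.0.5.22 auth.minerlink.com 203.0.113.7
2017-04-26T10:01:01Z tcp 10.0.5.22 203.0.113.7:7000 ALLOW
2017-04-26T10:02:00Z dns 10.0.5.30 pool.example.net 198.51.100.9
2017-04-26T10:02:01Z tcp 10.0.5.30 198.51.100.9:3333 ALLOW
"""
LINE = re.compile(r"^(\S+) (dns|tcp) (\S+) (\S+) (\S+)$")

def assess(log_text):
    """Classify each host that looked up the check-in domain."""
    answers = defaultdict(set)  # source -> DNS results seen for the domain
    reached = set()             # (source, destination IP) allowed on port 7000
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        _, kind, src, target, result = m.groups()
        if kind == "dns" and target.lower().rstrip(".") == CHECKIN_HOST:
            answers[src].add(result)
        elif kind == "tcp" and result == "ALLOW" and target.endswith(f":{CHECKIN_PORT}"):
            reached.add((src, target.rpartition(":")[0]))
    status = {}
    for src, seen in answers.items():
        resolved = seen - {"NXDOMAIN"}
        if any((src, ip) in reached for ip in resolved):
            status[src] = "exposed: check-in reached a server"
        elif resolved:
            status[src] = "at risk: name resolves, no allowed connection seen"
        else:
            status[src] = "dormant: lookups only, name does not resolve"
    return status

def checkin_intervals(log_text, src):
    """Minutes between successive check-in lookups from one host."""
    times = sorted(datetime.strptime(l.split()[0], "%Y-%m-%dT%H:%M:%SZ")
                   for l in log_text.splitlines()
                   if l.split()[1:4] == ["dns", src, CHECKIN_HOST])
    return [(b - a).total_seconds() / 60 for a, b in zip(times, times[1:])]
```

Lookup intervals that fall within the 1 to 11 minute window the article gives are a further sign that a host is running the check-in code rather than resolving the name for some other reason.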