Satori.Coin.Robber (botnet) is now hacking Ethereum mining rigs

Satori.Coin.Robber (botnet) is now hacking Ethereum mining rigs by replacing wallet address

 

A new variant of the Satori botnet has appeared. This new Satori.Coin.Robber variant is aimed to hack into Claymore mining rigs and replacing the mining wallet address with the attacker’s wallet. This is primarily targeted at rigs for mining the Ethereum (ETH) cryptocurrency.

 

This was first detected on Jan 8 by Qihoo 360 Netlab security researchers.

 

This botnet scans for ports 52869 (CVE-2014-8361 vulnerability in Realtek SDK-based devices) and 37215 (CVE-2017-17215 zero-day in Huawei routers).

You can secure you mining rog by upgrading to the latest version of the Claymore miner. 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You might also likeclose