f.haeder.net

S9 Antminer's root password "admin" - change immediately!!!

I now own a #S9 #Antminer from #Bitmain for some weeks (already). It runs really loud and I turn it only on when I'm out of house or want to have it running. It has a nice web interface and even #SSH with root (some #Linux embeded system). I setup quickly everthing and mining #Peercoins is working as expected (I run it in eco-mode). But what I later found out is that the SSH root password is simply "admin" which is a well-known password.

So here is my advice: If you intend to buy and run it (locally or on public Internet) please *do change* your SSH password! If you fail to do so, somebody might be able to change your pool login data and then he is receiving the coins you want to mine on your electricity bill! And I'm sure that he will then change root password to his own so you have to (somehow?) flush the memory to have factory-default settings (including password, I hope) back.

Here are some pictures of my miner, including screenshots which is just below my computer table (and it can be very noisy): #Nextcloud
#S9 #Antminer #Bitmain #SSH #Linux #Peercoins #Nextcloud antminer bitmain hijacking password root s9

"Your account has been hacked" scam, already saw 5000 BTC being transfered

I guess you already received such mails, claiming being sent from your own email address (which are mostly not, check mail headers, then you will see it) and that the #attacker (scamming is a form of #social-engineering attack) has some "hot stuff". Most claim to have nude pictures from you being published if you don't pay, so it is also a #ransom mail.

As you already may know (or not yet), don't reply and don't buy coins and send them to it. I have traced addresses such #19rtEghbzbyBqmgJLBtUGd9VvVC1s2bKzR and #1NUFhwLSmJPnjBNyjtuFPje54UG9AH1Ruc to accounts where Bitcoins in value of 4000 to 5000 BTCs have been transferred to and from. They seem to push the (illegally obtained coins around over several accounts (I guess thousands of addresses since you can create "limitless" accounts).

Well, interesting to see how many people already falsely belief in such mails (I don't do) and that some other scare sites try to explain that these Bitcoin addresses are viruses (which they are not). If you think that sounds to weird, check your favorite search engine and enter the addresses there.
newer older