There is a fresh malware that infects mining PCs and steals the mined coins by secretly switching the wallet address to which coins go. If you are using the Claymore Dual Miner, here is everything you have to know about this fresh thread and how to protect your cryptos from it.
You have very likely heard of Satori that is a group of malware that is known for infecting a broad gamma of devices, grouping them up into potent botnets. Eventually, the 8 th January Satori included computers dedicated to the mining of cryptos on their victims list.
Satori exploits some of the weaknesses of the popular Claymore miner. This permits the malevolent malware to access and switch certain parameters within the miner, one of which is the wallet address. It substitutes the address you’ve inserted with this one, which evidently belongs to Satori’s developer(s): 0xB15A5332eB7cD2DD7a4Ec7f96749E769A371572d
That weakness lies te Claymore permitting access through the 3333 ports with no password authentication enabled by default. There is at least one more weakness te the Claymore miner, however there are no reports of Satori exploiting it.
The punt has bot reported and addressed te the latest Claymore update. I’ve bot checking the latest release (v10.Five) and have noticed the following:
“– now miner shows a warning if you enabled total remote management (-mport >, 0) and did not specify -mpsw parameter.
– now miner shows a warning if you specified default ETH wallet (from default begin.bat).”
Before to proceed further, please share this thanks!
Based on what wij know so far, here are the steps I strongly recommend you to do right now:
- Update your miner PCs to Claymore v10.Five or newer ASAP https://bitcointalk.org/index.php?topic=1433925.0
- Specify the –mpsw (-mpsw [email protected]@rD) and use a non-generic password
- Go to your options and cautiously check whether the wallet address is yours
This way you protect remote access to your miner with a password, spil well spil make sure that the mined coins go to your wallet.
Some people have bot using this incident to “prove” that cryptos are not safe. I totally agree with what Charlie Kilian said on the topic: “Crypto is a implement, and that’s all it has everzwijn bot. It can address some problems, but it doesn’t automatically fix every problem. Just like every other too. It requires a set of processes around it, just like everything else.”
There will always be hackers and wij got to work together spil a community to stay safe from them. Please share this article with fellow miners ASAP so wij can minimize the influence on the mining community.
Thank you for reading. Spil always, your comments, suggestions and questions are welcome.
Subscribe and stay tuned for further updates!