$20 Million Ether Hacked From Poorly Configured Ethereum Apps

According to Chinese internet security firm Qihoo 360 Netlab, hackers have stolen $20 million in ether from poorly configured Ethereum mining rigs and third-party applications. Experts at the firm say the cyber-attacks target unsecured Ethereum nodes on the Internet.

Details of the Hack

On March 15, Qihoo 360 Netlab alerted the cryptocurrency community to the activities of hackers scanning the Internet for unsecured Ethereum nodes. At the time, the alleged cybercriminals had stolen 3.96 ETH.

However, recent findings have unearthed another hacker who has managed to steal an even more considerable amount of ether. By hijacking unsecured Ethereum wallet apps, the hacker has managed to siphon off 38,642 ETH worth about $20 million. The image below is the address of the suspected hacker:

The hack exploits the ability of Remote Procedure Call (RPC) interfaces running on port 8545 to access sensitive miner and wallet information. The RPC provides third-party access to this data via a programmatic API. If left unsecured, a hacker could gain access to miner/wallet funds. Thus, the RPC is usually disabled by default on most Ethereum-based apps…

Read Full: $20 Million Ether Hacked From Poorly Configured Ethereum Apps