Wrong Ethereum client configuration enables $20 million theft

Posted 12 June, 2018

A hacking group is said to steal more than $20 million in Ethereum from the Ethereum-based wallets and mining apps.

China-based cybersecurity company Qihoo 360 Netlab stated that the hackers made use of the Ethereum software adjusted for the access to remote procedure call interface on 8545 port.

"The purpose of this interface is to provide access to a programmatic API that an approved third-party service or app can query and interact or retrieve data from the original Ethereum-based service —such as a miner wallet application that users or companies have set up for mining or managing funds," the report reads.

According to the statement, 90% of Ethereum-based software run with RPC, and  even with the active interface the software "are appropriately configured to listen to requests only via the local interface (, meaning from apps running on the same machine as the original mining/wallet app that exposes the RPC interface."

It is worth mentioning, that users have been using incorrectly configured Etherem clients, and their RPC interfaces have been scanned for many years but soared with crypto price upturn. For reference, extremely high scan processes were detected last November.

"Nonetheless, with over $20 million stolen in the last few months just by one group, there are apparently lots of users who can’t be bothered with reading their app’s documentation before setting up an Ethereum wallet or mining rig," Qihoo 360 Netlab commented.

Notably, this interface can provide access to vital functions, so the third-party apps can to browse private keys and make transactions. It is said to be disabled by default, though the developers say that there is a risk of its activation in case of insufficient protection.

Previous story

12 June, 2018 17:13

← Korea-based banks to integrate blockchain verification system

The Korea Federation of Banks (KFB) is said to the express intentions to implement bockchain-based ID verification system for local banks just within a few weeks.  The new system will be called BankSign and is planned for the launch this July after the trials started in April, as stated KFB statement.

Korea-based banks to integrate blockchain verification system

Next story

12 June, 2018 15:14

First crypto company to appear in listing on London Stock Exchange →

London Stock Exchange has reportedly approved the listing of a new company – Argo Blockchain. The company provides remote mining services with a monthly payment. Considering that LSE is one of the oldest stock exchanges in the world, entering of the first crypto company is definitely a big event for the whole sector.

First crypto company to appear in listing on London Stock Exchange
Write a comment
Prove you’re not a bot + 19 = 26