{"id":7449,"date":"2018-06-12T01:42:19","date_gmt":"2018-06-12T01:42:19","guid":{"rendered":"https:\/\/www.legitgambling.com\/news\/?p=7449"},"modified":"2018-06-12T01:42:19","modified_gmt":"2018-06-12T01:42:19","slug":"hackers-steal-38642-eth-exploiting-insecurely-configured-nodes","status":"publish","type":"post","link":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/","title":{"rendered":"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-2985 alignleft\" src=\"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg\" alt=\"\" width=\"380\" height=\"250\" \/>Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth &#8211; a client for running an Ethereum node.<\/p>\n<p>By configuring JSON-PRC in an insecure manner, users have open a path to remotely access the Ethereum blockchain and send Ethers from any account, which has been unlocked earlier on to perform a transaction. Hackers have been using this vulnerability to steal 38,642 ETH, worth about $20.50 million.<\/p>\n<p>Geth works similar to an internet browser such as Chrome, which provides access to the internet. Notably, the issue was highlighted <a href=\"https:\/\/blog.ethereum.org\/2015\/08\/29\/security-alert-insecurely-configured-geth-can-make-funds-remotely-accessible\/\">by the Ethereum team three years ago<\/a>.<\/p>\n<p>At that time, the Ethereum team issued as advice to its users through a blog post:<\/p>\n<blockquote><p>\u201cIt\u2019s come to our attention that some individuals have been bypassing the built-in security that has been placed on the JSON-RPC interface. The RPC interface allows you to send transactions from any account which has been unlocked prior to sending a transaction and will stay unlocked for the entirety of the session.<br \/>\nBy default, RPC is disabled, and by enabling it it is only accessible from the same host on which your Ethereum client is running. By opening the RPC to be accessed by anyone on the internet and not including a firewall rules, you open up your wallet to theft by anybody who knows your address in combination with your IP.\u201d<\/p><\/blockquote>\n<p>Earlier in March, Qihoo 360 Netlab issued an alert about a group of hackers who had stolen 3.96234 Ethers after scanning the internet for port 8545 to trace insecure Geth clients running Ethereum nodes. Now, it has been found that the scale of theft is larger than previously estimated.<br \/>\n<center><\/p>\n<blockquote class=\"twitter-tweet\" data-cards=\"hidden\" data-lang=\"en\">\n<p dir=\"ltr\" lang=\"en\">Someone tries to make quick money by scanning port 8545, looking for geth clients and stealing their cryptocurrency, good thing geth by default only listens on local 8545 port. So far it has only got 3.96234 Ether on its account, but hey it is free money! <a href=\"https:\/\/t.co\/YVSWlMtYGa\">pic.twitter.com\/YVSWlMtYGa<\/a><\/p>\n<p>\u2014 360 Netlab (@360Netlab) <a href=\"https:\/\/twitter.com\/360Netlab\/status\/974374944711815168?ref_src=twsrc%5Etfw\">March 15, 2018<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<\/center><\/p>\n<p>The group of cyber criminals was specifically looking for users who had left their JSON-RPC port 8545 open for access to anyone on the internet. It was also found that hackers have waged multiple attacks on the insecure nodes. The problem highlights the need for a thorough understanding of security protocols which should be followed by users operating nodes on a blockchain network.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth &#8211; a client for running an Ethereum node. By configuring JSON-PRC in an insecure manner, users have [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[68,70],"tags":[],"class_list":["post-7449","post","type-post","status-publish","format-standard","hentry","category-cryptocurrency","category-ethereum"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes<\/title>\n<meta name=\"description\" content=\"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes\" \/>\n<meta property=\"og:description\" content=\"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-12T01:42:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg\" \/>\n<meta name=\"author\" content=\"Cameron Bishop\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Cameron Bishop\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/\"},\"author\":{\"name\":\"Cameron Bishop\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/#\\\/schema\\\/person\\\/0e2e077765174748afc2362c890e3f91\"},\"headline\":\"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes\",\"datePublished\":\"2018-06-12T01:42:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/\"},\"wordCount\":412,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/ethereum.jpg\",\"articleSection\":[\"Cryptocurrency\",\"Ethereum\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/\",\"url\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/\",\"name\":\"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/ethereum.jpg\",\"datePublished\":\"2018-06-12T01:42:19+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/#\\\/schema\\\/person\\\/0e2e077765174748afc2362c890e3f91\"},\"description\":\"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/ethereum.jpg\",\"contentUrl\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/ethereum.jpg\",\"width\":380,\"height\":250},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/#website\",\"url\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/\",\"name\":\"\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/#\\\/schema\\\/person\\\/0e2e077765174748afc2362c890e3f91\",\"name\":\"Cameron Bishop\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g\",\"caption\":\"Cameron Bishop\"},\"description\":\"Cameron works tirelessly behind the scenes ensuring his many US news stories are factual, informative and brought to you in a timely fashion before most other media outlets have them. He is an investigative journalist at heart who also has a fond interest in the money and business markets too.\",\"url\":\"https:\\\/\\\/www.legitgambling.com\\\/news\\\/author\\\/cameron-bishop\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes","description":"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes","og_description":"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.","og_url":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/","article_published_time":"2018-06-12T01:42:19+00:00","og_image":[{"url":"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg","type":"","width":"","height":""}],"author":"Cameron Bishop","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Cameron Bishop","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#article","isPartOf":{"@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/"},"author":{"name":"Cameron Bishop","@id":"https:\/\/www.legitgambling.com\/news\/#\/schema\/person\/0e2e077765174748afc2362c890e3f91"},"headline":"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes","datePublished":"2018-06-12T01:42:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/"},"wordCount":412,"commentCount":0,"image":{"@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg","articleSection":["Cryptocurrency","Ethereum"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/","url":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/","name":"Hackers Steal 38,642 ETH, Exploiting Insecurely Configured Nodes","isPartOf":{"@id":"https:\/\/www.legitgambling.com\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#primaryimage"},"image":{"@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg","datePublished":"2018-06-12T01:42:19+00:00","author":{"@id":"https:\/\/www.legitgambling.com\/news\/#\/schema\/person\/0e2e077765174748afc2362c890e3f91"},"description":"Chinese cyber-security company Qihoo 360 has identified a massive exploitation of vulnerability, leading to a loss of more than $20 million worth Ethers. The hackers have been targeting nodes which have insecurely enabled JSON-RPC, an interface on Geth - a client for running an Ethereum node.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.legitgambling.com\/news\/hackers-steal-38642-eth-exploiting-insecurely-configured-nodes\/#primaryimage","url":"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg","contentUrl":"https:\/\/www.legitgambling.com\/news\/wp-content\/uploads\/2018\/01\/ethereum.jpg","width":380,"height":250},{"@type":"WebSite","@id":"https:\/\/www.legitgambling.com\/news\/#website","url":"https:\/\/www.legitgambling.com\/news\/","name":"","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.legitgambling.com\/news\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.legitgambling.com\/news\/#\/schema\/person\/0e2e077765174748afc2362c890e3f91","name":"Cameron Bishop","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f635e871248df28d6828ec38af2b48c04796e65e714639cfa0c2d3d1c91b0bc7?s=96&d=monsterid&r=g","caption":"Cameron Bishop"},"description":"Cameron works tirelessly behind the scenes ensuring his many US news stories are factual, informative and brought to you in a timely fashion before most other media outlets have them. He is an investigative journalist at heart who also has a fond interest in the money and business markets too.","url":"https:\/\/www.legitgambling.com\/news\/author\/cameron-bishop\/"}]}},"_links":{"self":[{"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/posts\/7449","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/comments?post=7449"}],"version-history":[{"count":0,"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/posts\/7449\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/media?parent=7449"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/categories?post=7449"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.legitgambling.com\/news\/wp-json\/wp\/v2\/tags?post=7449"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}