A virus targeting bitcoin miners is apparently spreading in China with tens of thousands of dollars lost according to local media.
The virus appears to be targeting Bitmain’s antminers specifically with the hacker demanding 10 btc or the mining gear would be overheated.
The virus, however, can be eliminated by formatting the SD card of the infected miners which is somewhat similar to re-installing an operating system.
Yet that process can take four days during which an entire farm might be down as once a miner is affected, then it quickly spreads to all other miners.
The virus appears to come from an overclocking firmware (software). While a normal Bitmain asics can run at 13.5 terahashes per second, there are methods to speed it up to 18 th/s through overclocking. One such firmware is apparently virus infested.
This seems to have begun around August last year with it detected in Antminer S9, T9 and even litecoin miner L3+. It is a Linux based virus.
“In the mining industry, the Avalon mine machine needs to be controlled by the ‘Raspberry Pi’. The latter is essentially a microcomputer for Linux systems,” BTC.Top’s founder Jiang Zhuo’er said, according to a rough translation, before adding:
“And the Ant Mine has a built-in control panel, quite with the integration of the Linux system, this gives the virus a chance.”
The nature of the virus is evolving to sometime operate in a stealth manner. The hacker can decide when to activate the ransomeware aspect, with one pseudo-anonymous miner, cC, saying he first saw a green screen and then the above pictured message.
Another miner, Wang Wei, said that in the middle of the night a virus secretly changed the mining address of a mine’s 4,000 mining machines into a hacker’s mining address.
That earned the hacker about $8,000 a day with it remaining unclear as to who controls this virus.