QueenAnt Exploit Lets Hackers Change The Antminer Bitcoin Payout Address

Antminer is one of the most popular Bitcoin hardware manufacturers in the world. The company has built up a solid reputation through their line of Antminer devices, and customers have shown their support for the company throughout the years. But one Australian researcher notices how it is possible to hijack an Antminer through a software flaw in the open source mining software.

Is It Feasible To Hijack an Antminer?

The Antminer devices are primarily configured to be used with the CGminer open source software. Tim Noise, an Australian security researcher, mentions how there is a vulnerability in the configuration of this software that can be exploited. As a result, hackers could take control of any Antminer actively mining Bitcoin.

To be more precise, the device itself would continue its operations as it always has. However, the rewards from mining can be sluiced to a different Bitcoin address. QueenAnt, as this exploit is dubbed, can be found on GitHub. Although this may appear to be an issue with CGMiner itself, the cause lies much deeper.

Noise explains how the vulnerability can be exploited. CGMiner accepts incoming TCP connections through an RPC interface.

Read more ... source: TheBitcoinNews