BitMain is one of the leading Bitcoin mining equipment manufacturers in the world. The company’s AntMiner range of specialized mining hardware accounts for over 70 percent of all mining hardware, which could be at risk following the discovery of the Antbleed security flaw.
According to reports, this serious security issue can potentially affect all BitMain devices and disrupt Bitcoin mining operations. Antbleed is the name given to a backdoor in the device software that allows the AntMiner range of equipment, including the S9, T9, and R4 platforms, to be shut down remotely.
The Antbleed backdoor can be misused to interfere with the equipment’s built-in authentication system. All AntMiner devices have a built-in authentication feature in which the machines communicate with BitMain’s servers at frequent intervals ranging from one to eleven minutes. During this check-in, the equipment’s identifier message, along with the serial number, MAC address and IP address, is sent to the servers. Upon receiving the message, the server is supposed to ping back with approval. If the BitMain server finds any discrepancy in the miner’s communication, it will send a “false” response code that stops the device from mining.
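A defender's view of the check-in behaviour described above, as an added example that is not from the original article or from BitMain's firmware: it scans egress logs for hosts that contact the same destination repeatedly at gaps of one to eleven minutes. The log format, host names, ports and the minimum-contact threshold are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Check-in window stated in the article: one to eleven minutes.
MIN_GAP_S, MAX_GAP_S = 60, 11 * 60
MIN_CONTACTS = 4  # assumption: contacts needed before judging a pattern

# Constructed sample egress log, one "timestamp src_ip dst_host dst_port" per line.
# Host names and ports are placeholders, not values taken from the article.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.0.21 vendor-auth.example 443
2024-01-01T10:03:00 10.0.0.21 vendor-auth.example 443
2024-01-01T10:10:00 10.0.0.21 vendor-auth.example 443
2024-01-01T10:12:00 10.0.0.21 vendor-auth.example 443
2024-01-01T10:00:00 10.0.0.50 updates.example 443
2024-01-01T10:00:05 10.0.0.50 updates.example 443
2024-01-01T10:00:09 10.0.0.50 updates.example 443
2024-01-01T10:45:00 10.0.0.50 updates.example 443
2024-01-01T10:00:00 10.0.0.21 pool.example 3333
not-a-time 10.0.0.21 vendor-auth.example 443
truncated line
"""

def parse(log):
    """Yield ((src, dst, port), datetime) per well-formed line, skipping the rest."""
    for line in log.splitlines():
        try:
            ts, src, dst, port = line.split()
            yield (src, dst, int(port)), datetime.fromisoformat(ts)
        except ValueError:  # wrong field count, bad port or bad timestamp
            continue

def find_checkins(log):
    """Return {(src, dst, port): median gap in seconds} for periodic check-in flows."""
    seen = defaultdict(list)
    for key, when in parse(log):
        seen[key].append(when)
    hits = {}
    for key, times in seen.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if len(times) >= MIN_CONTACTS and all(MIN_GAP_S <= g <= MAX_GAP_S for g in gaps):
            hits[key] = median(gaps)
    return hits

if __name__ == "__main__":
    for (src, dst, port), gap in sorted(find_checkins(SAMPLE_LOG).items()):
        print(f"{src} -> {dst}:{port} checks in about every {gap:.0f}s; review this egress")
```

A flagged flow is a candidate for review against the device's documented behaviour; the burst-then-idle workstation traffic and the single long-lived pool connection in the sample are deliberately not flagged.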
Speaking about the Antbleed threat, which was originally a feature, one of BitMain’s representatives said:
“The code running on the machines is open source; everyone can review it so no secret features exist in it. The code that was pointed out is a feature to allow owners of the AntMiners to be able to remotely control their miners. It is not a secret and it does not provide any kind of remote control to BitMain for the AntMiners it does not own or operate in its own mining farms.”
While BitMain has downplayed the seriousness of the issue, the community believes otherwise. Some think that, given BitMain’s practice of collecting user information, anyone with the right set of tools and the backdoor code, readily available on Pastebin and GitHub, can target specific machines to prevent them from mining Bitcoin. It can also leave BitMain users susceptible to hacking and hijacking attacks.
Ref: IBT | Image: NewsBTC