Miner Virus Prevention & Solutions Guide

Many people who are into mining would have faced attacks from hackers at some point in time or the other. As a result of these hacks, the hackers will steal the hash rate of your miner. They will also tamper with your mining pool. This hack happens to occur because people tend to browse irregular websites. It can also happen when you use third-party software programs or programs to overclock the firmware. Such programs are dangerous for your computer as well as the mining system. If you are using a second-hand miner, then also this issue can occur. Also, if you have given the miner for servicing at an unauthorized service centre, the hack can happen. This hack is primarily due to the virus that has penetrated the system.

 

What are the Typical Symptoms of Virus Infection?

 

Sometimes, you will not know about the virus infection at all. So, we will share some typical symptoms that you can notice in the mining system if any virus is present in the system.

  1. There will be tampering with workers in the mining pools.

crypto miner virus prevention

  1. The hackers will block you from doing a firmware upgrade on the Antminer. If you try to upgrade the miner, you can see a 120 seconds timer count down happening. You can see the prompt showing the percentage of downloads at the bottom of the browser. It will be visible only in the case of the Google Chrome browser. Now, the upgrading process can be only done by the manufacturer of the miner.
  2. They will tamper with all the passwords on the configuration page of the miner. The passwords will be changed to another value. Thus, they will block your access to the mining system. Thu, you will get locked out from the miners.
  3. If the network and the hardware are in the normal state, you may see the hash rate suddenly dropping to zero. The hackers are stealing the hash rate from the background. If you try to upgrade the firmware, you will get a failure.

 

What are the Preventive Measures?

We recommend using the following measures to prevent any kind of virus attack on your mining system.

  1. We strongly recommend not to visit any unauthorized or unidentified websites.
  2. It is recommended not to download any firmware from third-party websites. There are many overclocking firmware programs for the Antminer models S9 and T9+ available on the internet. Please make sure to download and use the original firmware from the miner manufacturer’s website.
  3. You must change the password for logging into the miner at regular intervals. It is to prevent any unauthorized access.
  4. If you are using a second-hand miner or a machine repaired from an unauthorized service centre, you must flash the latest firmware downloaded from the miner manufacturer’s website before using it. You must also change the login details before use.

 

What are the Solutions?

The possible solutions that will help to protect the miner from such attacks are given below.

 

  1. Isolation of the Network

You need to isolate your mining network. First, you must check all the computers that are connected to the network to ensure that there is no virus present in the miners. If you find any miner infected with any virus, you must remove it from the network immediately.

  1. There is a secondary rominer1uting procedure for the isolation of the mining system. It is given below.

You can divide the network into 3 zones. The first zone contains systems with virus infection, the second zone with systems recovered from viruses, and the final zone has systems with no infection machines.

You don’t have to include any routing point toward other routers. You can go with the default settings.

You need to ensure that the primary router’s main cable is connected to the secondary router’s WLAN port.

Make sure that the LAN port of the secondary router is connected to the switch.

You will get the IP address of the miner from the secondary router.

  1. You need to do network isolation at the subnet level. You will have to do it at the network convergence layer. It is to ensure that there is no mutual communication between the internal subnets.
  2. You can block the HTTP, HTTPS, and FTP protocols on the output devices. It is to prevent the virus attack on the miners.

 

  1. Restore the default settings

You can make use of the SD card to reload the original firmware in all the machines. It will help to resolve most of the problems. You can download the Antminer image from the official website of the manufacturer. You will have to download two image files, the .img one and the .imgc one.

 

  1. Change the login Password of the Miner

It is very important to change the login password of the miner once you restore the default settings of the miner. Do not set simple passwords. Instead, try to set complex passwords that are difficult to guess. You can use the following steps to change the login password.

 

Steps to change the password of a single miner

  1. You will have to go to the configuration page of the miner. Click on the System tab, and you will find the Administration tab, click on it. Now, you can see the option to change the password. You need to enter the existing password in the Current Password section. Then, you need to enter the new password in the New Password section and the Confirmation section. Click on Save & Apply button once you are done to confirm the new password.

crypto miner virus prevention 2

  1. Once the system takes your input, you will see Updating Password as the status.

crypto miner virus prevention 3

 

Steps to change the password of a batch of miners

  1. You need to use another tool to change the password of a batch of miners. You can use the APMinerTool for the password change here. First, install and open this software program. You can see the different miners in the batch in this program. Next, you need to select all the miners that you want to modify the password. After selecting, click on the Change Password button.

crypto miner virus prevention 4

 

  1. Now, you will see a new popup window. You need to enter your old password in this window. You can also enter the new password a couple of times in this popup window. Finally, press the OK button once you are done.

crypto miner virus prevention 5

  1. You need to check the running status. If you are able to see Modified Successfully in the status, it indicates that you have successfully changed the password.

Appendix

Series articles on crypto miner maintenance:

Scroll to Top