bitCoin & Ethereum wallets facing intense scans

As the market is facing a bull rundown toward the end of the year hackers have stepped up their game to take advantage of the opportunities. They have started using an aggressive technique to mass internet scan!

bitBoin scans

Here are a few bitCoin scans that are trying to detect server paths for file names specific to your bitCoin wallets:

  • wallet — Copy.dat
  • wallet.dat
  • wallet.dat.1
  • wallet.dat.zip
  • wallet.tar
  • wallet.tar.gz
  • wallet.zip
  • wallet_backup.dat
  • wallet_backup.dat.1
  • wallet_backup.dat.zip
  • wallet_backup.zip

These scans are not new and have been around, but the noticable thing about them is how many scans are going on right now, there have been an over scanning activity that has never been seeing before.

ethereum scans

Hackers are also scanning for file paths specific to ethereum vWallets as well. They are using blind requests to JSON-RPC interface of ethereum nodes.

This type of program activity happens on a clients local computer or device, the API for ethereum is only exposed locally. The activity of moving and exchanging funds is where the vulnerability lies.

If you are running ethereum nodes you need to disable the JSON-RPC interface’s inbound queries or proxy requests via an intermediary server so that you can authorize only approved transactions between both parties.

Like what you read? Give calastinone a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.