Anonymous person accuses Antminer of having an "Antbleed" backdoor, saying 70% of Bitcoin computing power is vulnerable

According to foreign media bitcoinmagazine, anonymous sources have accused Bitcoin mining hardware manufacturer Bitmain of having an "Antbleed" backdoor in its Antminer machines, which, if abused, could pose a threat to Bitcoin network security.

“Even if Bitmain has no bad intentions, this is a huge security vulnerability,” said the anonymous person, who claimed to have discovered the vulnerability and set up an Antbleed website to publicize it.

Explanation of the "Antbleed" vulnerability

The anonymous person said the Antbleed backdoor was extremely simple.

He explained that when an Antminer is online, it contacts the domain auth.minerlink.com (owned by Bitmain) on port 7000 every 1-11 minutes. This domain is not currently connected to any IP address.

However, this domain name may be connected to the corresponding IP address in the near future. If this happens, it will report the serial number, MAC address and IP address of the Antminer to Bitmain.

Bitmain can then connect to a specific user through this machine.

“Bitmain can use this data to cross-check customers’ sales and delivery records to make them personally identifiable,” the anonymous source said. “Bitcoin mining is a small industry, so it should be easy to link a mining machine to the corresponding mining pool or block.”

Once connected, Bitmain's servers connect to the Antminer and send a message back. If the message is "true," the machine continues mining, but if it's "false," the code generates a text message that says, "Stop mining."

The anonymous person said that this text will stop the miner from mining, and he said that he had tested it on an Antminer. In addition, the anonymous person said that anyone can test it with an Antminer by following the instructions on antbleed.com.

Bitcoin Core developer Peter Todd quickly commented on this on Twitter and Reddit:

“This backdoor has ‘no’ authentication, any man-in-the-middle attacker or DNS attacker can activate it, 70% of the hashrate is vulnerable.”

Bitmain’s response

In response to the backdoor accusation, Bitmain said:

“The code running on the machine is open source and available for everyone to view, so it does not contain secret functions. It is not a secret that the code points to functions that allow Antminer owners to remotely control their miners, and at the same time, Bitmain cannot remotely control Antminers that it does not own.”

What do you think?