Antminer has a vulnerability that can cause coins to be lost? Bitmain responds: It was a false alarm

Antminer is one of the world's most famous Bitcoin hardware manufacturers. Recently, a foreign community reported that an Australian researcher pointed out that Antminer could be hijacked through a flaw in an open source mining software.

The main configuration of the Antminer uses the CGminer open source software. The report said that Australian security researcher Tim Noise pointed out a vulnerability in the software configuration that hackers could exploit to control all Antminer mining activities.

“The vulnerability is called QueenAnt, and information about QueenAnt can be viewed on GitHub. Although on the surface it appears to come from CGMiner itself, the cause is much deeper.

Noise explained how the vulnerability could be exploited. CGMiner accepts incoming TCP connections via the RPC interface. Each Antminer runs the OpenWRT operating system, including CGMiner for all mining programs. This is an OpenWRT LuCi web interface that collects data from the RPC interface and does not require a username or password. This would allow the hacker to inject their Bitcoin address to receive mining rewards instead of the miner's Bitcoin address."

The article argues that the Antminer S5 is quite vulnerable to these attacks.

Pan Zhibiao, Director of Product and R&D at Bitmain, responded:

“This is not a vulnerability in the strict sense. Since CGminer has relatively large permissions, it is easy to manage and control, but it is also easy for hackers to modify it to some extent. However, most mining machines are behind routers and firewalls and are not exposed to the outside world, so the impact is small.”

In fact, there has been no coin loss incident caused by the Antminer "vulnerability" mentioned above, and only the S5 model is affected by the "vulnerability", while the S7 and the S9 that will be launched in batches have been fixed. The so-called "Antminer may be hijacked" is a false alarm.