download

A controversial function in Antminer firmware by the Chinese bitcoin mining gear producer Bitmain might potentially lead to malicious shutdown of mining machines.

The code named Antbleed was a backdoor allowing to remotely put mining equipment offline. Every 11 minutes Antminer machines connect to the Internet and contact a “port 7000 service” on the Bitmain’s address auth.minerlink.com and transfer identification information, namely IPs, MAC addresses and serial numbers of the hardware. Currently, the domain is irresponsive but as it starts connecting to IP addresses, it can return the message “false”, which would stop the mining machine.

The backdoor was added to the open source firmware code in July 2016. The bug affects most of Antminer machines, such as S9, T9, R4 and Litecoin’s L3.

The vulnerability posed a serious threat to bitcoin hashrate, the Bitcoin Core developer Peter Todd declared.

Todd admits that the bug might occur due to Bitmain’s lack of competence in cybersecurity.

“But given the history we have of miners threatening with attacks, it wouldn't surprise me if this was added as a last resort option for shutting down competitors if they needed to push something through with hashing power,” Todd told Bitcoin Magazine.

Bitmain developers deny that the function is a bug or was introduced with the malicious intent to control users’ equipment. According to them, the purpose of the backdoor was to remotely halt operation of hijacked or stolen mining machines.

Yet, Bitmain has released an urgent update fixing the controversial code.

Elena Platonova