Versions Compared

Old Version 1

changes.mady.by.user ChristophM

Saved on

compared with

New Version Current

changes.mady.by.user TheTradingHall

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: titlle was too long and trigered an unwanted horizontal srcoll bar

Incicent

...

Summary

The hack that occurred on 12/05/2016 to steal 7,218 ethers from Patrick only affects miners where:

...

The hacker sent a continuous stream (every 2 seconds) of sendTransaction(...) request to Patrick's IP address on port 8545, and this request was forwarded to the geth instance. When Patrick used the Ethereum Wallet to send a transaction, the Ethereum Wallet unlocked Patrick's account for 2 seconds and the hacker's transaction succeeded in moving Patrick's ethers to the hacker's account.

For more details see the original Stackexchange post

Advice

Info
This advice covers only a subset of possible attack vectors. For more, see the original Stackexchange post

1. Never turn on RPC on hot wallets. Even with IP and CORS limited to localhost. Just don't.

...