Incident
...
Summary
The hack on 12/05/2016 that stole 7,218 ethers from Patrick only affects miners where:
...
The hacker sent a continuous stream (every 2 seconds) of sendTransaction(...) requests to Patrick's IP address on port 8545, and these requests were forwarded to the geth instance. When Patrick used the Ethereum Wallet to send a transaction, the Ethereum Wallet unlocked Patrick's account for 2 seconds and the hacker's transaction succeeded in moving Patrick's ethers to the hacker's account.
For more details, see the original Stackexchange post.
Advice
Info |
---|
This advice covers only a subset of possible attack vectors. For more, see the original Stackexchange post |
1. Never turn on RPC on hot wallets. Even with IP and CORS limited to localhost. Just don't.
...
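One way to enforce item 1 before a node starts, as an added example (not code from the original page or from the geth project): an audit of the geth startup command that reports RPC as a finding on a wallet-holding node even when it is bound to localhost. The flag names are geth's `--rpc*` options and their later `--http*` renames; the finding codes, function names and sample command line are assumptions made for this example.

```python
import ipaddress
import shlex

# geth's 2016-era RPC flags and their later --http* renames (dashes stripped).
ENABLE = {"rpc", "http"}
ADDR = {"rpcaddr", "http.addr"}
CORS = {"rpccorsdomain", "http.corsdomain"}
SAMPLE = 'geth --rpc --rpcaddr 0.0.0.0 --rpccorsdomain "*" --unlock 0'  # constructed

def parse_flags(cmdline):
    """Map flag name -> value (True for bare switches) for a geth command line."""
    flags, tokens, i = {}, shlex.split(cmdline), 0
    while i < len(tokens):
        tok, i = tokens[i], i + 1
        if not tok.startswith("-"):
            continue  # binary name or a subcommand such as "console"
        name, eq, value = tok.lstrip("-").partition("=")
        if eq:
            flags[name] = value
        elif name not in ENABLE and i < len(tokens) and not tokens[i].startswith("-"):
            flags[name] = tokens[i]
            i += 1
        else:
            flags[name] = True
    return flags

def is_loopback(host):
    try:
        return host == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unresolved hostname: treat as exposed

def audit(cmdline):
    """Finding codes for a node that holds wallet keys; RPC on localhost still counts."""
    flags = parse_flags(cmdline)
    if not any(flags.get(n, "false") != "false" for n in ENABLE):
        return []
    findings = ["RPC_ON_HOT_WALLET"]
    addr = next((flags[n] for n in ADDR if n in flags), "127.0.0.1")
    if not is_loopback(addr):
        findings.append("RPC_NON_LOOPBACK_BIND")
    if any(flags.get(n) == "*" for n in CORS):
        findings.append("RPC_CORS_WILDCARD")
    if "unlock" in flags:
        findings.append("ACCOUNT_UNLOCKED_WITH_RPC")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A command line that produces any finding should block startup of a node that holds keys; the loopback-only case is reported on purpose, matching the advice above.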