The hack that occurred on 12/05/2016 to steal 7,218 ethers from Patrick only affects miners where:
- Incoming RPC connections from the Internet on TCP port 8545 are forwarded to the machine running the Ethereum node software
gethis running with the parameters
- The Ethereum Wallet (Mist) is used on the same
gethmachine and is used to send a transaction, requiring the
gethaccount to be unlocked for a 2 second period.
The hacker sent a continuous stream (every 2 seconds) of
sendTransaction(...) request to Patrick's IP address on port 8545, and this request was forwarded to the
geth instance. When Patrick used the Ethereum Wallet to send a transaction, the Ethereum Wallet unlocked Patrick's account for 2 seconds and the hacker's transaction succeeded in moving Patrick's ethers to the hacker's account.
For more details see the original Stackexchange post
1. Never turn on RPC on hot wallets. Even with IP and CORS limited to localhost. Just don't.
2. Never turn on IPC on a machine you don't feel you have complete control about the security. Or use parity.
3. Don't use accounts to store huge amounts of ether. Use multisignature contracts.
4. Don't use online computers to store huge amounts of ether. User air gapped machines or paper wallets.