Bitcoin Core developer James Gillard has discovered a vulnerability in the device Antminer S15, which in theory allows attackers to completely take control of the ASIC. Simultaneously, the developer is convinced that this is not the only version of the software from Bitmain affected.
@BITMAINtech tried and failed to lock down the firmware S15, I identified the vulnerability and @00whiterabbit wrote/tested the attack code. Once @BITMAINtech complies with the GPL licenses for the firmware I will disclose the vulnerability to them so that they can fix it. pic.twitter.com/zwsAaPQjRL
— James Hilliard (@james_hilliard) February 12, 2019
So, a Twitter user under the nickname @00whiterabbit have modeled the attack, which allowed him to replace the address the payments, turning the device off and even completely replace the software. Despite the fact that the hacker needs to pass the firewall, the risk of attack on the device S15 exist, according to Bitcoin Magazine, with reference to the Gillard.
It is noteworthy that the developer is ready to provide Bitmain data on vulnerability only, provided that the company will open the code of his SOFTWARE, released under the GNU GPL license. Gillard is convinced that the mining giant violated the license terms by hiding code from users.
Recall Bitmain presented models S15 and T15 on the basis of the 7-nanometer chip BM1391 in November last year. Their price was $1475 and $913, respectively.
Subscribe to the channel Forklog in YouTube!
Source
