Recently, our after-sales team has received feedback from some customers, saying that their mines have received malicious attacks. For example, their usernames in the mining pool have been tampered with, or the miners have been abused in unregistered mining pools, resulting in a loss of profit.
Generally, this is because the client visited a malicious website, downloaded and loaded the miner's application.
How to prevent and remove Antminer viruses, malicious attacks and remote attacks?
1. Do not visit any potentially suspicious, unsafe websites.
2. Please do not download or use any firmware not provided by Bitmain, especially firmware that claims to help your S9 or T9 series miners overclock.
3. Change your password and remember it. A strong password is always your first line of defense.
Three steps to handle and eliminate:
1. Quarantine your network (Important!)
If you detect a threat, identify the infected PC or miner.
What is the behavior of the infected miner? You will see that your miner is actually mining a hidden mining pool-a a mining pool that you have not registered, or see your wallet being hijacked and coins were stolen, etc...
Check all your PCs and miners, and determine which PCs or miners are infected with the virus. Then isolate the infected miners to prevent the virus from spreading through the network.
It is important to remove infected PCs or miners from the network or add them to the "quarantine network". Otherwise, the virus will spread as it infects other computers on the network.
(1) Split miners into 3 zones: infectious, under-observation and unharmed zone.
(2) Main router do not need to be routed to the other routers, use the default settings.
(3) Connect main router to the WLAN port of the 1st Quarantine routers.
(4) Then connect the 1st Quarantine routers WLAN port to the switches in 2nd Quarantine.
(5) The IP can be obtained from the routers placed at 1st Quarantine.
2. Restore factory settings
Use the SD card to reset the miner to factory settings, and flush the miner with the latest firmware.
3. Change password
After resetting the miner, the first thing you need to do is to change the miner's password to a strong and secure password.
Go to your miner User Interface> System> Administration.
Please note that the default password for all new miners or reset miners is "root".
Once you see the status is "Updating Password", it means that your new password works like a charm. In addition, please remember your password, because if you do not remember your password, you will not be able to reset or change your password.
How to change the passwords of multiple miners at once?
We know that you not only have one miner, but you may have dozens or hundreds of them. If you want to modify the miner password in batches, you can use our APminerTool (V1.0.7).
Search for the miner you want to change, select all miners and select "change password".
If you still cannot resolve this issue, please contact us for further assistance.