Anonymous Researcher Demonstrates Antminer S15 Exploit

Recently, developer James Hilliard, known for his BIP91 proposal (the SegWit upgrade), discovered a vulnerability in Bitmain’s Antminer S15 firmware; it was then turned into an exploit by an independent security researcher under the Twitter handle @00whiterabbit.

The vulnerability allows a malicious actor to remotely access the miner over SSH, and from there to flash custom firmware without ever being physically present with the device. Flashing firmware could cause an array of problems, such as decreasing the hash rate by underclocking its processors, shutting the device down, or even modifying the miner’s payout address, leaving thousands of miners vulnerable to essentially anything the attacker desires under certain circumstances.

Both James Hilliard and @00whiterabbit offered to disclose this vulnerability to Bitmain on one condition: that Bitmain comply with the GNU General Public License. By locking access to the firmware, Bitmain has so far been violating the license, which dictates that derivatives of GPL code must be open source so that users and developers can access the code and modify it to create their own derivatives.

Bitmain relies on CGMiner, another of Hilliard’s contributions released under the GPL, as part of its Antminer S15 firmware, so that firmware should naturally be open source, since it is built on open source software.

Hilliard demonstrated @00whiterabbit’s exploit in a video tweet on his account:

Resources
