As if Bitmain’s year hasn’t been rough enough, having posted big losses and laying off entire departments, its flagship product now has a firmware vulnerability.
A few weeks ago, Bitcoin Core contributor James Hilliard discovered an exploit in Bitmain’s S15 firmware. The pseudonymous Twitter user 00whiterabbit[1], also known simply as “john,” subsequently wrote exploit code based on Hilliard’s findings. A video[2] proving that the exploit code worked was shared on Hilliard’s Twitter account last week.
Hilliard is offering to disclose the vulnerability to Bitmain but under one condition: Bitmain would have to comply to the GNU General Public License[3] (GNU GPL), the popular open source license that the Chinese mining giant is currently breaching, and open source its firmware.
“Bitmain firmware is very buggy in general,” Hilliard told Bitcoin Magazine, “and it's important for the health of the Bitcoin network that users be able to fix the bugs Bitmain introduces.”
The Exploit
Hilliard, who is perhaps best known for proposing BIP91[4], discovered the vulnerability several weeks ago by auditing a firmware update file on Bitmain’s support site. While details have not yet been disclosed, the exploit was found in firmware of the S15, the company’s most powerful SHA256 miner in store. Hilliard thinks the same vulnerability almost certainly exists in all of Bitmain’s mining firmware.
“I’m also quite sure there are many other vulnerabilities in the firmware,” he added. “It is very poorly designed when it comes to security.”
When exploited, the vulnerability gives users root access to the machine — which is supposed to be impossible. In theory, this can be done remotely using just the IP address of the miner, and means the machine can be reprogrammed to do just about anything. This includes
