The Antbleed Backdoor

Antbleed is a backdoor introduced by Bitmain into the firmware of their bitcoin mining hardware, the Antminer. The firmware checks in with a central service at random intervals of 1 to 11 minutes. Each check-in transmits the ASIC bitcoin mining machine's serial number, MAC address and IP address. Bitmain can cross-check this check-in data against customer sales and delivery records, making it personally identifiable.
The remote service can then return “false”, which will stop the miner from mining. It can also be used to directly target specific machines or customers. Standard inbound firewall rules will not protect against this because the Antminer makes outbound connections. Even without Bitmain being malicious, the API is unauthenticated and would allow any MITM, DNS or domain hijack to shut down Antminers globally. Additionally, DNS for the domain in question is hosted by Cloudflare, making it trivially subject to government orders and state control.
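Because the check-in is outbound and recurs every 1 to 11 minutes, it can be looked for in egress connection logs. The following is an added example, not code from the original page: it flags flows whose gaps all fall in that window, and the log format, hostnames, ports and the MIN_EVENTS threshold are assumptions.

```python
from collections import defaultdict
from datetime import datetime
# Constructed sample (not real traffic): ISO time, source, destination, port.
# Hostnames and ports are placeholders; the page does not give the real ones.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.0.21 checkin.example.invalid 9999
2024-01-01T10:00:05 10.0.0.21 pool.example.invalid 3333
2024-01-01T10:00:35 10.0.0.21 pool.example.invalid 3333
2024-01-01T10:00:55 10.0.0.21 pool.example.invalid 3333
2024-01-01T10:01:20 10.0.0.21 pool.example.invalid 3333
2024-01-01T10:03:10 10.0.0.21 checkin.example.invalid 9999
2024-01-01T10:09:50 10.0.0.21 checkin.example.invalid 9999
2024-01-01T10:11:25 10.0.0.21 checkin.example.invalid 9999
2024-01-01T10:21:25 10.0.0.21 checkin.example.invalid 9999
2024-01-01T10:00:00 10.0.0.22 ntp.example.invalid 123
2024-01-01T10:17:04 10.0.0.22 ntp.example.invalid 123
2024-01-01T10:34:08 10.0.0.22 ntp.example.invalid 123
2024-01-01T10:51:12 10.0.0.22 ntp.example.invalid 123
2024-01-01T10:02:00 10.0.0.23 checkin.example.invalid 9999
truncated line
"""

MIN_GAP, MAX_GAP = 60, 11 * 60  # the 1 to 11 minute check-in window, in seconds
MIN_EVENTS = 4                  # assumed threshold: fewer connections prove little

def parse(log_text):
    """Group connection times by (source, destination, port); skip bad lines."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        try:
            ts, src, dst, port = line.split()
            flows[(src, dst, int(port))].append(datetime.fromisoformat(ts))
        except ValueError:
            continue  # wrong field count, bad port, or bad timestamp
    return flows

def find_checkins(log_text):
    """Return flows whose every inter-connection gap lies in the window."""
    hits = []
    for key, times in parse(log_text).items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if len(times) >= MIN_EVENTS and all(MIN_GAP <= g <= MAX_GAP for g in gaps):
            hits.append((key, gaps))
    return sorted(hits)

if __name__ == "__main__":
    for (src, dst, port), gaps in find_checkins(SAMPLE_LOG):
        print(f"{src} -> {dst}:{port} gaps(s)={gaps}")
```

Any other traffic with similar timing will also match, so treat hits as candidates to inspect rather than as confirmation.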
All recent S9 hardware is affected, except possibly very early generation S9s. Additionally, L3, T9 and R4 series hardware are likely to be affected as well. The commit date for the backdoor kill switch is July 11th, 2016; if your firmware claims to be after this date, that is a good indication that your Bitmain hardware is affected. If your miner is vulnerable it will cease mining within 11 minutes, or you can reboot your miner and the connection will be made on startup. This will cause the Antminer to connect to your own local machine, bypassing the check-in with Bitmain without interrupting normal mining behavior.
Is This Just A User Feature?

The domain and port are hard coded in the source files; there's no way to change them without recompiling and loading new firmware. There is no way a user could make use of it in any realistic way.

Crypto ASIC blog dedicated to the intersection of two big passions: a lifetime career in digital system design, and my work since 2013 in cryptocurrency. Most visiting here know me as the lead engineer at dcrASIC, and I’m sure you are as excited as I am about our ASIC developments for Decred.
A big topic here is news and insight about my work there. I also hope that you take away from your visits here a greater understanding of ASIC technology. You will find recent articles below, and archived ones in the menu. I’m just getting started with this blog, so check back regularly, or subscribe to keep up with news and posts. If you have questions, feel free to email me, and I’ll try to address them in a post.