Tiny Bitcoin Miner Plays The Lottery

Usually when we think of Bitcoin miners, we imagine huge facilities of server racks doing nothing but essentially wasting energy, all for the chance that one of those computers amongst the rows will stumble upon the correct set of numbers to get rewarded with imaginary money. The idea being that the more computers, the more chances to win. But just buying one lottery ticket is the only thing technically required to win, at least in theory. And [Data Slayer] is putting this theory to the test with this Bitcoin miner built around a single Raspberry Pi.

This tiny Raspberry Pi Zero does get a little bit of support from an Ant Miner, a USB peripheral which is optimized to run the SHA256 hashing algorithm and solve the complex mathematical operations needed to “win” the round of Bitcoin mining. Typically a large number of these would be arrayed together to provide more chances at winning (or “earning”, to use the term generously) Bitcoin but there’s no reason other than extreme statistical improbability that a single one can’t work on its own. The only other thing needed to get this setup working is to give the Pi all of the configuration information it needs such as wallet information and pool information.

This type of miner isn’t novel by any means, and in fact it’s a style of mining cryptocurrency called “lottery mining” where contributing to a pool is omitted in favor of attempting to solve the entire block by pure random chance alone in the hopes that if it’s solved, the entire reward will be claimed by that device alone. In the case of this device, the current hash rate calculated when it was contributing to a pool means that when lottery mining, it has about a one-in-two-billion chance of winning. That’s essentially zero, which is basically the same chance of winning a lottery that pays out actual usable currency.

Continue reading “Tiny Bitcoin Miner Plays The Lottery”

This Week In Security: Zimbra, Lockbit 2, And Hacking NK

Unknown attackers have been exploiting a 0-day attack against the Zimbra e-mail suite. Researchers at Volexity first discovered the attack back in December of last year, detected by their monitoring infrastructure. It’s a cross-site scripting (XSS) exploit, such that when opening a malicious link, the JavaScript running on the malicious page can access a logged-in Zimbra instance. The attack campaign uses this exploit to grab emails and attachments and upload them to the attackers. Researchers haven’t been able to positively identify what group is behind the attacks, but a bit of circumstantial evidence points to a Chinese group. That evidence? Time zones. The attacker requests all use the Asia/Hong_Kong time zone, and the timing of all the phishing emails sent lines up nicely with a work-day in that time zone.

Zimbra has responded, confirming the vulnerability and publishing a hotfix for it. The campaign seems to have been targeted specifically against European governments, and various media outlets. If you’re running a Zimbra instance, make sure you’re running at least

LockBit 2.0

Because security professionals needed something else to keep us occupied, the LockBit ransomware campaign is back for a round two. This is another ransomware campaign run in the as-a-Service pattern — RAAS. LockBit 2 has caught enough attention, that the FBI has published a FLASH message (PDF) about it. That’s the FBI Liaison Alert System, in the running for the worst acronym. (Help them figure out what the “H” stands for in the comments below!)

Like many other ransomware campaigns, LockBit has a list of language codes that trigger a bail on execution — the Eastern European languages you would expect. Ransomware operators have long tried not to poison their own wells by hitting targets in their own back yards. This one is being reported as also having a Linux module, but it appears that is limited to VMWare ESXi virtual machines. A series of IoCs have been published, and the FBI are requesting any logs, ransom notes, or other evidence possibly related to this campaign to be sent to them if possible. Continue reading “This Week In Security: Zimbra, Lockbit 2, And Hacking NK”

Mining Bitcoin On The ESP32 For Fun, Definitely Not Profit

Bitcoin’s great, if you sold at the end of 2017. If you’re still holding, your opinion might be a little more sour. The cost to compete in the great hashing race continues to rise while cryptocurrency values remain underwhelming. While getting involved at the top end is prohibitively expensive, you can still have some fun with the basic concepts – as [Jake] did, by calculating Bitcoin hashes on the ESP32.

It’s a project that is very much done for fun, rather than profit. [Jake] notes that even maxing out both cores, it would take 31 billion years to mine one block at current difficulty levels. Regardless, the underlying maths is nothing too crazy. Double-hashing the right data with the SHA256 algorithm is all that’s required, a task that is well within the ESP32’s capabilities. There’s hardware acceleration available, too – though this is weirdly slower than doing it in software.

Overall, you’re not going to get rich hashing Bitcoin on a cheap microcontroller platform. You might just learn something useful, though. If this isn’t weird enough though, you could always try the same thing on a 1970s Xerox Alto. 


Turning The DEFCON Badge Into A Bitcoin Miner


The DEFCON badge this year was an impressive piece of hardware, complete with mind-bending puzzles, cap sense buttons, LEDs, and of course a Parallax Propeller. [mike] thought a chip as cool as the Propeller should be put to better use than just sitting around until next year so he turned it into a Bitcoin miner, netting him an astonishing 40 hashes per second.

Mining Bitcoins on hardware that doesn’t have much processing power to begin with (at least compared to the FPGAs and ASIC miners commonly used) meant [mike] would have to find some interesting ways to compute the SHA256 hashes that mining requires. He turned to RetroMiner, the Bitcoin miner made for an original Nintendo. Like the NES miner, [mike] is offloading the communication with the Bitcoin network to a host computer, but all of the actual math is handled by a single core on the Propeller.

Saving one core for communication with the host computer, a DEFCON badge could conceivably manage 280 hashes/second, meaning the processing power of all the badges made for DEFCON is about equal to a seven-year-old graphics card.