Featured

How I got remote root shell on a Helium crypto miner - Mikael Falkvidd [Security Fest 2022]



Published
I’ll show you the tools and tactics used to get root on a Helium crypto miner. These miners generate up to 1,000 USD per month. Supposedly, they are locked down very limited user access) with a rigorous approval process. The same tools and tactics can be used for any network target. Helium ($HNT) is currently the 50th largest cryptocurrency with a market cap of around $3 billion. There are about 700,000 Helium miners on the block chain. When deploying Helium miners, I got curious about how secure they were. I used open source tools to collect information on the device and found an unprotected API endpoint, that could be accessed over the network without authentication. This endpoint allowed me to enumerate and add cron-like jobs, but I had very limited ability to see the result of the commands I submitted. Some tweaking allowed me to exfiltrate small bits of information, which allowed me to find out how to exfiltrate larger amount of information. Eventually, I had an interactive root shell.

About Mikael Falkvidd
Mikael works as a CTO-as-a-service consultant at Devies Cloud and Engineering, which means he advises and coaches multiple tech companies to take them to the next level. He is also an amateur radio licensee, OWASP Gothenburg board member, MySensors open source project core team member, and satellite programmer and -listener.

About Security Fest 2022
2022 is ON! Join us on June 2-3
Security Fest took some time off in 2020-2021 for obvious reasons, postponing our big fifth year anniversary. This summer, Gothenburg will become the most secure city in Sweden! We'll have two days filled with great talks by internationally renowned speakers on some of the most cutting edge and interesting topics in IT-security! Our attendees will learn from the best and the brightest, and have a chance to get to know each other during the lunch, dinner, after-party and scheduled breaks.



Please note that you have to be at least 18 years old to attend.

SOLD OUT!



Highlights of Security Fest
Interesting IT security talks by renowned speakers
Lunch and dinner included
Great CTF with nice prizes
Awesome party! It's our 5 year anniversary!


Venue
Security Fest is held in Eriksbergshallen in Gothenburg, with an industrial decor from the time it was used as a mechanical workshop. Right next to the venue, you can stay at Quality Hotel 11.
Category
Cryptocurrency Mining
Be the first to comment