On the morning of 30-05-2018 tpruvot (yiimps developer) posted in the Ravencoin Discord that his yiimp.eu had been hacked and funds stolen from the RVN pool wallet. Systematically after this most of the larger yiimp Ravencoin pools had the same thing happen. The pool wallets were emptied and new blocks were stolen as soon as mature.
In an attempt to stop this pool ops closed down their stratums and also stopped the wallet daemons. This did not help and funds continued to be taken. This means the attacker has figured out a way to dump private keys on yiimp pools.
ravenminer, krawww-miner, cryptopoolparty, panda, all of these were hit and had substantial amounts stolen.
What we know at this time 31-05-2018
- A few security patches have been released for yiimp, and the pools are back online
- Nobody knows how the hacks were done yet, because of this the security patches are unknown if they fix the issue
- Mining on yiimp pools is unknown at this point from a security point of view
- Personal wallets are not affected. But please people make sure your wallets are encrypted and passwords are not stored online!
What does this mean for you the miners? It means you mine on yiimp based pools right now at your own risk. Until somebody discovers how it was done and a confirmed fix is in place. Could be the hacker waits weeks or months and does it again if no confirmed fix is in place.
To be clear I am not saying stop using yiimp based polls, i do though want the miners to know that there is right now an increased risk with them.
Here are a few pools that do not run yiimp and have thus far been unaffected by the hack:
- Our pool > http://pool.virtopia.ca
I will update this post if any further details or a proven fix is implemented.