[LACNIC/Seguridad] Fwd: BGP hijacking to steal bitcoins

Fernando Gont fernando en gont.com.ar
Vie Ago 8 18:26:57 BRT 2014

-------- Forwarded Message --------
Subject: BGP hijacking to steal bitcoins
Date: Fri, 8 Aug 2014 10:43:05 +0200
From: Stephane Bortzmeyer <bortzmeyer en nic.fr>
To: nanog en nanog.org

Good report (although I do not understand why they hide the name of
the offending ISP since anyone can see it in RouteViews, or in its own
BGP traffic). It's ordinary BGP hijacking but the goal is new:
stealing bitcoins since the connections inside the mining pool are not


Here is an example in RouteViews en LINX, for (among others) the OVH
prefix (bitcoin pool Hashfaster). This route was
withdrawn at 18:35:08.

TIME: 03/23/14 18:32:38


FROM: AS6939

TO: AS6447


ASPATH: 6939 21548 34272 2093 2871 3721



Fernando Gont
e-mail: fernando en gont.com.ar || fgont en si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

Más información sobre la lista de distribución Seguridad