Here is a copy of it:

Hello guys again
Some another security advice worth to read !
Recently more and more botnets are sniffing for claymore API port forwarded on routers in whole internet.
Even when claymore api port is in read-only state it seems that bots still can change mining pool and wallet if port for API(ethman) is forwarded outside.
If you are using claymore miners then i advice to replace -mport -3333 by -mport 127.0.0.1:3333
If you dont have -mport specified in your config then i advice to add this as without it - it will act like -mport -3333 by default !
This way claymore API will be available only at localhost (for stats reading that are sent to dashboard) and not on your LAN IP address.
I changed all default configs to that setting so if you are not sure just look at those examples.
Also please remember not to forward 22 port. If you forward 22 port then botnets will find you in mater of hours i guess.

Here are some articles:
https://cryptovest.com/news/major-botnet-resurfaces-to-pounce-on-claymore-mining-rigs/
https://www.reddit.com/r/EtherMining/comments/6yoo47/claymore_hacked/