Re: [6600Th] Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB (New Thread)
Interesting hypothesis. I wonder if all of those attacked are running full Bitcoin nodes at the same public IP addresses?
I have never run a bitcoin node, so have little insight as to what can be harvested by way of intel from the relayed traffic. But I don't think that running a node would make you any more or less susceptible to this type of attack.
All bitcoin nodes are discoverable due to the peer-to-peer nature of the network. It would take some time and effort, but it would not be difficult to get a large list of bitcoin node IP's. And IP's running bitcoin nodes are probably more likely to be mining than IP's not running bitcoin nodes.
Quote
If they were targeting specific servers, they wouldn't be redirecting Bitcoin miners to a scrypt server - kinda pointless 
Gawd, well that pretty much sums it up.
Yeah, I didn't realize that it was a redirect to a scrypt pool. Interesting. That shows that this is a pretty indiscriminate stratum attack, nothing about particular coins or pools. Which, in one way, is comforting; in another way, it's not, since it implies that some fairly major routers are being tapped somehow.
Or... maybe somebody did some IP recon with heartbleed on this forum? People logged in to this forum are obviously more likely to be miners than the Internet population at large. Scrape a bunch of IP addresses and try those.... hmm. But again, you'd think that such an attacker would at least have an SHA256 pool set up.