During the night, I noticed a sudden influx of sessions towards my ElectrumX server. Client count was above 1.000.
Also, many new peers (other servers) coming from IP's:
192.95.57.197 173.44.42.130
With hostnames similar to:
Manila.electrumupdate.org li.myblocknode.com 8bch.codenodebox.com ...
These .onion peers also use the same SSL certificate as the above hosts:
gb53gznkmmzx3e6a.onion 7aclc6dnv2oe74jg.onion gb4igdsqreylpizm.onion
When I woke up this morning, I want to check up on things, and my ElectrumX server couldn't serve a client connection to me.
It seems like someone is trying to kick off "valid" ElectrumX servers by exhausting connections, and to replace them with their own servers. Many previously working ElectrumX servers are no longer connectable.
Keep an eye on your ElectrumX servers.
Written by: atroxes
Source: https://ift.tt/2V6NvUD
No comments:
Post a Comment