[homakov]

>3. That whoever created this page recommends the user alter the miner to point to some other, user-controlled HTTP server, effectively MITMing anyone who sees this page.

>127.0.0.1 auth.minerlink.com

This is localhost.

[lossolo]

> You can check if your Antminer is vulnerable to this attack by SSHing to the Antminer, and changing the /etc/hosts file on the device to include:

139.59.36.141 auth.minerlink.com

This will cause the Antminer to connect to our test server

[CJefferson]

They admit that doing that redirection will make your miner shut down, that's basically worst case.

The main advantage i can see is that this provides an easy way of proving there really is a kill switch.

[MichaelBurge]

That's to test if you're affected, not suggested as a solution.

[lossolo]

And a lot of people would test to know if they need to use the solution, don't they?

Look at this site and twitter account. You can't get any info on who registered the site because it's protected by "privacy guard", why should anyone trust this site? And their twitter account looks more like marketing campaign from competition.

[homakov]

You can install the fix no matter what, it's innocent. They should have offered source code for their test app instead, but that's definitely not malicious.

[fourchette]

The test source code was made available here https://pastebin.com/2wd7GDTC.