Bitcoin (BTC) miners in China are in a bind after a ransomware by the name of ‘hAnt’ has been targeting specific mining rigs such as the Bitmain’s Antminer S9, T9 and L3. The ransomware has also found its way into Avalon rigs. The malicious code was first detected in August 2018. Up until now there is no clear source of origin. Some Chinese security experts suspect that hAnt comes hidden inside tainted versions of mining rig firmware that has been present online since last Summer.
hAnt functions like any other ransomware by encrypting the files belonging to the infected miner. This results in the rig halting mining operations for the files are inaccessible till the user abides by the demands of the code. When owners of the rig attempt to investigate the affected machines, the are presented by an image of an ant flanked by two pickaxes in green ASCII characters. The image is similar to the red skull screen displayed by the NotPetya ransomware.