Attackers scanned for the entire IPv4 range and look for miners with open SSH connections. Attackers are specifically targeting EthOS, the operating system optimized for mining cryptocurrencies. The operating system currently runs on more than 38,000 mining rigs across the world. If found, it attempts to log in using the default username and password to the EthOS operating system: ethos:live and root:live. If the login succeeds, the attackers try to change the. Ethereum wallet to hijack the mining process to the attackers.”]
Source: http://securityaffairs.co/wordpress/65104/hacking/hackers-hijack-ethereum-miners.html

