Hello, Crypto.org Chain Validator Node Operators:

It has been brought to our attention that an attack on selected validator nodes is being attempted. The attack targets validator nodes with their RPC ports open (in non-compliance with standard security best practices) and is performed by sending large amounts of RPC queries via the open ports.  A few validator nodes were impacted by this and went down.

Short-term solution:

1. Check and restrict access of the RPC port (default port is 26657 and 1317) to be accessed internally ONLY so that it is not directly exposed. You can check this in the configuration file located in “.chain-maind/config/config.toml” and “.chain-maind/config/app.toml”.

2. For AWS/Azure 1-click Deployment users, you might consider updating your security group rules. For example, see https://crypto.org/docs/getting-started/aws-1click.html#step-2-6-configure-security-group.

Midterm solution:

3. Set up sentry nodes following the guidelines here: https://docs.tendermint.com/master/nodes/validators.html#setting-up-a-validator

4. Do checks against this Validator Security Best Practices Checklist to fine-tune your setup for further protection.

If you have spotted any unusual activity, kindly let us know by emailing [email protected] or via discord so that we can coordinate and secure our network together.