There is a new attack against Antminer ASIC equipment.
Using sites like https://www.shodan.io and https://censys.io hackers can gain the IP of your mining equipment.
If you have not changed the default login: root and password:root, then it is very easy to gain access to your miners configuration files and to change your workers to those belonging to the hackers.
Please, use secure logins and passwords for your mining equipment!