415,000 Routers Face Cryptojacking Worldwide
Despite the downturn in the cryptocurrency market, hackers are always on the lookout for new ways to steal cryptocurrencies.
One of the most popular ways to do this is by cryptojacking. In this type of attacks, a hacker will infect a user’s computer by running a malicious script and steals their computer’s CPU and GPU miner to mine cryptocurrencies without the user’s consent.
The ongoing attack has affecting MikroTik routers at large. The initial phase of these attacks started back in August 2018 where it was discovered by security experts that over 200,000 devices had been affected. It was recently discovered that this number has doubled since then.
While the initial report suggested that the majority of the affected users were located in Brazil, it was found that this hack has affected routers across the world.
VriesHD, Hard Fork said
“It wouldn’t surprise me if the actual number of infected routers in total would be somewhere around 350,000 to 400,000.”
The preferred mode of cryptojacking by hackers is CoinHive, a mining software used for Monero (XMR). The researchers say that hackers are now shifting to other software as well.
“CoinHive, Omine, and CoinImp are the biggest services used. It used to be like 80-90 percent CoinHive, but a big factor has shifted to using Omine in recent months.”
In September, the number of affected devices increased to a shocking 280,000.
Troy Mursch, Security Expert, Bad Packets Report has adviced the affected users to promptly download the latest firmware for their device.
“Users should indeed update their routers, yet the biggest bunch of them are distributed by ISPs to their customers, who often have no idea what to do or how to update the router. Often these distributed routers are limited in their rights as well, not allowing users to update the routers themselves.”
“The patch for this specific problem has been out for months and I’ve seen ISPs with thousands of infections disappear from the list.”
However, there are still dozens of ISPs who haven’t taken the needed steps to curb this ongoing problem.