To secretly mine cryptocurrency more than 400,000 routers have been hijacked, researcher reveals
Researchers have found more than 415,000 routers worldwide that have been hijacked to secretly mine cryptocurrency. The routers have been infected with malware so that they can steal the computing power & mine cryptocurrency.
According to The Next Web report, the attack affects MikroTik routers in particular. It is to be noted that the number of affected devices might be much more than the mentioned number since the data only reflects the IP addresses that have been infected with crypto-jacking scripts. The number of compromised routers might be much more than mentioned.
In fact, security researcher VriesHD told The Next Web, “It wouldn’t surprise me if the actual number of actual infected routers in total would be somewhere around 350,000 to 400,000.”
Crypto-jacking attacks isn’t new, in fact, the attack on the brand first started in August. At that time, the experts found that more than 200,000 devices had been infected and since then the number has only doubled.
Attackers reportedly favoured CoinHive – a mining software for Monero (XMR), privacy-oriented cryptocurrency, initially. However, the researcher revealed that they have shifted to other mining software as well. “CoinHive, Omine, and CoinImp are the biggest services used,” VriesHD revealed. “It used to be like 80-90 percent CoinHive, but a big actor has shifted to using Omine in recent months.”
Furthermore, VriesHD pointed out that internet service providers (ISPs) can help in battle the spread of the malware. It can be done by simply forcing updates to the routers. According to the researcher users should update their routers but the problem is maximum of them are distributed by ISPs to the users.
And, they often don’t know how to update the router and often the distributed routers have limited rights where users cannot update the routers themselves.“The patch for this specific problem has been out for months and I’ve seen ISPs with thousands of infections disappear from the list,” he added.
Image via Shutterstock