This Cryptojacking Campaign Infected Over 200.00 Mikrotik Routers
A cryptojacking infected more than 200.00 Mikrotik routers which failed to solve the vulnerability issue of the system four months after security error for MikroTik routers was launched.
Security error CVE-2018-14847 identified within MikroTik routers was used by illegal crypto miners to install Coinhive encoding on platforms visited by users. It was found that initially, hackers infected thousands of routers in Brazil, as reported by SpiderLabs, a security research company.
“Our researcher @Simon_Kenin has discovered a massive #IoT #cryptojacking campaign affecting tens of thousands of unpatched @mikrotik_com routers in Brazil and going global. Read more here”
The high exposure rate in MikroTik Ethernet and Wi-Fi routers allowed hackers to omit the authentication step and enter the system, managing to quickly gain control over it. This attack was identified back in April, and as a result, the router maker launched a security patch.
It all started in Brazil
The researchers found that the Coinhive script was first introduced in 175,000 routers based in Brazil. With the installation of the second site key, it infected an additional number of 25,000 routers in the Republic of Moldova, reported researcher Troy Mursch.
The infection has spread rapidly on all websites visited by users. In order not to be identified, the hacker limited to installing the crypto mining script only in error breaks. Furthermore, the hacker removed any trace from the router system after it was compromised.
The cryptojacking targets especially MikroTik routers identified in Brazil. It is assumed that a large number of routers were not reviewed after the security issue was solved four months ago, meaning that these routers are subjected to a major risk of being attacked again.
“There are hundreds of thousands of these devices around the globe, in use by ISPs and different organizations and businesses, each device serves at least tens if not hundreds of users daily,” Simon Kenin, a security researcher at SpiderLabs reported.
You may be interested
Spain May Soon Require Investors to Reveal Their Crypto HoldingsSolomon Magawi - October 23, 2018
As Bloomberg reported recently, the Spanish government proposed a controversial bill that would require cryptocurrency investors to disclose their holdings.…
The US Government Seized Over $700,000 Worth of Cryptos from a Dark Web Drug DealerJoshua Tayo - October 23, 2018
Oxymonster, a dark web drug dealer who specialize in the sales of Grade drugs has been sentenced to 20-year in…