Trustware a security firm has confirmed that nearly 170,000 devices have been installed with cryptojacking software in Brazil last month. This was done to gain high revenue by mining cryptocurrencies from this devices.
According to Trustware, This attack was on MikroTik routers done on a large scale. Instead of hackers infecting small sites or computers they planned to do it on routers which will be hard to trace.
This was accomplished using Coinhive, It is a service which provides users to mine cryptocurrency using the code provided by them. Using the code the users can mine cryptocurrency from the website or an app. They provide a javascript code through which users can earn Monero cryptocurrency.
Suspecting the Devices Mining Cryptocurrency
Simon kenin, said that he was analyzing and saw that most of the traffic is being generated from CoinHive in Brazil. This brought him doubt and he further did some investigation and came to know that all were connected to MikrotiK network devices.
Soon he knew that all of this was done by one hacker group because it consists of one CoinHive key on all the devices. He claims that this attack was mainly targeted on brazil. But also he alerts the users of Mikrotik globally to check about this crypto mining software if it exists on their device.
Mikrotik devises Vulnerability Patched
The Mikrotik has already released a patch for this vulnerability on April 23rd, 2018. If companies haven’t applied any patch then they are going to face the problem where their routers will mine cryptocurrency without their knowledge.
If routers have already been updated with the patch then no need to worry. because it won’t affect the routers where the patch is applied. But there are thousands of devices in Brazil where they haven’t applied any patch said Kenin.
This clearly shows that hackers who were previously interested in ransomware using cryptocurrencies are now moving towards Cryptojacking and using this to earn money by mining illegally on others systems. Hope other companies got the news and kept their routers updated so they will not face any issues related to Cryptojacking.
