Home News Over 415,000 Routers Infected by Cryptomining Malware
Over 415,000 Routers Infected by Cryptomining Malware Over 415,000 Routers Infected by Cryptomining Malware
News | 12/12/2018

Over 415,000 Routers Infected by Cryptomining Malware

When was the last time you checked your PC health? Do you know your PC requires a regular Check Up!!!

415,000 Routers Infected From Cryptominers

Researchers discovered 415,000+ routers across the globe infected with cryptojacking malware and cryptomining virus. The attack is still ongoing and the first cryptojacking attack began in August.

At that time, security experts discovered more than 200,000 devices and since then the number of infected routers has doubled. The majority of affected devices are in Brazil.

Breaching of tons of devices reflects a massive amount of data loss and change in IP addresses allowed the injection of cryptojacking java scripts.

A security researcher VriesHD said, “It wouldn’t surprise me if the total number of infected routers are somewhere around 350,000 to 400,000 worldwide.”

Interestingly, the attackers mainly use CoinHive, Darkgate, WebCobra, etc. They are mining software that privately mines cryptocurrency Monero (XMR), Zcash, Bitcoin etc.

Other than above crypto miners, Omine and CoinImp are also the widely used mining software. 80-90 percent of attacks are by CoinHive, but Omine attacks in recent months have increased.”

Mining Malware Epidemic

In August, researchers reported around 200,000 hacked devices in Brazil that increased to 280,000 in September 2018. The affected routers belong to MikroTik devices, a Latvian company that develops wireless ISP systems and routers.

Security experts all around the world advise owners of affected MikroTik devices to immediately download the latest and newest firmware version to prevent future hacking. Users should update their routers.

The patch for the specific problem has been out for months and thousands of infections have disappeared from the list. However, it appears tons of ISPs couldn’t take action when the attacks were weakening.

Also, Read: New Ransomware Infects Over 100,000 Windows Users in China

The cryptojacking malware threat has expanded to the routers in North America, South America, Asi, Africa, the Middle East, Europe, and Japan. The infection is active since August and has attacked many organizations that used this router.

Cyber attackers were able to exploit a security flaw in the older versions of the router’s firmware. This exploitation made them successful in injecting cryptomining malware scripts onto every single web page that a user visits.

What Do Reports Suggest?

According to the reports MikroTik RouterOS allows unauthenticated, remote attackers to read all the arbitrary files and rewrite them due to a vulnerability in the WinBox interface which is said to be a flaw in routers.

However, the good news is that a security patch was made ready within a day y to rid affected routers of the cryptojacking malware. The security experts also recommend users of MikroTik routers to download the latest firmware from the company’s website in order to stay ahead of the malware.

malware crusher

In a separate incident happened last month, Nova Scotia’s St. Francis Xavier University in Canada shut down its entire network when cybersecurity experts discovered that the university’s system is computing resources to mine for Bitcoin.

Fortunately, during the attacks, personal information across the network wasn’t compromised. With cryptojacking, the attackers are always interested in computing power when connected to the Wi-Fi network for mining cryptocurrencies.

Tips to Prevent virus and malware from Infecting Your System:
  1. Enable your popup blocker: Pop-ups and ads on the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs.
    So, avoid clicking uncertain sites, software offers, pop-ups etc. and Install a powerful ad- blocker for ChromeMozilla, and IE
  2. Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update.By doing this you can keep your device free from virus.According to the survey, outdated/older versions of Windows operating system are an easy target.
  3. Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
  4. Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection.Thus always backup important files regularly on a cloud drive or an external hard drive.
  5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Download Virus RemovalTool


× Zoom Image