Researchers have discovered over 415,000 routers across the globe have been infected with malware designed to steal their computing power and secretly mine cryptocurrency. The attack affected MikroTik routers in particular.
Initially, most of the compromised routers were concentrated in Brazil. The number of infected devices has expanded worldwide including routers in North America, South America, Africa, Europe, the Middle East, and Asia.Hackers were able to inject Coinhive script onto every webpage that a user visits by exploiting a security flaw in older versions of the router’s firmware.
The spread of router infection up to such a great extend shows that many of organizations had not installed the latest firmware of router. Through use of exploit, hacker was able to inject Coinhive script onto every web page that a user visits.n spite of all this, the great thing is that a patch was made immediately within a day of discovery to safe the affected routers of the crypto jacking malware. All Security Experts recommend that MikroTik users must update their routers with the latest firmware to stay safe from malware.
The main relax point of crypto jacking attack was that, it doesn’t compromise a any of personal information or transmitted any on the network. Crypto jacking attack is mainly used by hacker to use computing power and resources for mining of crypto currency.
“Even though the patch has been released, it won’t be of much help because most standard users never care to update their routers even if they know how to. Router companies are slowly shifting to auto-updating frameworks but that is a meta shift which won’t happen so quickly and till then, router exploits will be as deadly as any other hardware based exploit as majority of the users will stay vulnerable for years to come” said Ankush Johar, Director at Infosec Ventures.
Once a router gets hacked/exploited, cryptojacking is just only one possible attack scenario. In real life, an attacker gets a much wider access and can literally steal all information of the users and the websites they are browsing.
Users are suggested to update their router by logging into the admin panel of the router and click on firmware update or router update.
(Image Courtesy: www.bitcoinexchangeguide.com)