Mikrotik Routers Infected with Cryptocurrency Malware
August 7, 2018 2:47 pm
Cryptojacking has been an increasingly popular way for cybercriminals to mine cryptocurrencies. CBS’s Showtime employed the mining through their website recently.
The devices targeted for this hack was Mikrotik routers. Although the software vulnerability was patched by the company in April 2018, the users who did not update their router’s software fell victim to this attack.
A group of security researchers reverse engineered the patch by Mikrotik and published a proof-of-concept exploit to showcase how the process can be used to gain access to Mikrotik devices. This information was misused by ill-intended people to infect these routers with CoinHive, the browser-based crypto-mining tool.
There have been at least 3 such incidents of cryptojacking attacks that employed this router vulnerability. The first wave of attacks affected over 183,700 Mikrotik routers.
Cryptojacking is quickly emerging as a global threat to users. In fact, it has grown to a point where even Linux users are under threat.
Mikrotik has advised its users to update their router software and update any existing passwords to safeguard their privacy.