Fraudsters carried out a sophisticated stealth mining attack, infecting hundreds of thousands of MikroTik routers across Brazil. The goal of the attack is to create a massive XMR mining bot platform.
Criminals were able to infect devices with malicious code by secretly running the CoinHive service in the background. CoinHive is a cryptocurrency mining service that uses the computing power of a computer through any browser running a website with embedded code to mine the Monero coin (XMR). Often this scheme is used for charity purposes or as an option instead of viewing advertising, but, unfortunately, not this time. Such an attack is known as a zero-day vulnerability, that is, the use of previously unknown vulnerabilities in the code. This allowed CoinHive to run on every page visited by infected routers, potentially millions of websites loaded every day.
The attack began this week and is in its early stages. BleepingComputer reports that the number of affected routers exceeds 200,000. Despite the fact that a fix for this vulnerability was released by the manufacturer back in April, routers are often not updated. This means that anyone with a MikroTik router is strongly advised to update it immediately.
Analysts fear this could become a global epidemic. SpiderLabs researcher Simon Kenin wrote in his report: “This is a very serious attack. There are hundreds of thousands of these devices around the world, used by Internet service providers and various organizations and businesses, with each device serving tens, if not hundreds of users every day.”
Scripted crypto attacks such as CoinHive are becoming very popular. Fraudsters now prefer stealth mining over ransomware because this way they can continue to mine secretly for a longer period of time and can earn more money than through ransomware.
So make sure you don't have a MicroTik router, and if you do, contact the manufacturer to get an official update.
According to thenextweb.com
You May Also Like
Gray mining - what is it?
According to cybersecurity experts, the number of people wishing to make money illegally at the expense of others will only grow. Illegal or “gray” mining is a new type of cybercrime, and it is quite safe for the criminals themselves. Today's realities are such that more and more people are trying to mine, but this is a very energy-intensive process with expensive equipment. Therefore, miners are coming up with increasingly sophisticated ways to reduce their costs and increase income.
Fraudsters stole $50 million from gullible investors
More than 27 thousand people, including citizens of Africa, America and Australia, were subjected to one of the largest bitcoin scams in South Africa.
