The vulnerability of the router is causing the damage to mining the virtual currency secretly on the PC is being expanded
A security researcher report revealed that the vulnerability of MikroTik router caused a massive damage mining the virtual currency by over 200,000 routers.
Mass MikroTik Router Infection - First we cryptojack Brazil, then we take the World?
https://www.trustwave.com/Resources/SpiderLabs-Blog/Mass-MikroTik-Router-Infection-%E2%80%93-First-we-cryptojack-Brazil,-then-we-take-the-World- /
200K MikroTik Routers Exploited to Serve Cryptocurrency Miner | News & Opinion | PCMag.com
https://www.pcmag.com/news/362889/200k-mikrotik-routers-exploited-to-serve-cryptocurrency-mine
Simon Kenin of security company Trustwave made a blog posting vulnerability of MikroTik router hacked and the victim's PC is spreading abusable to virtual currency mining on the blog. According to Mr. Kenin, the technique of hacking is that code is loaded into a PC connected to the network by exploiting the vulnerability of MikroTik router, and while the victim does not know, virtual coin mining service " Coinhive " is used to virtualize It seems to mine the monetary Monero.
Mr. Kenin's survey said that hacking was done with more than 170,000 MikroTik routers, most of the damage occurred in Brazil. Hackers embed Coinhive code in websites, YouTube ads, and third party software, not only when code is executed by browsing web pages but also when code error pages are displayed in the browser It is known that selective remote virtual currency mining is executed, such as being done.
Since Mr. Kenin's report was issued, another security researcher, Troy Marsh, investigated, and similar hacks have been discovered in Moldova with virtual currency mining via a MikroTik router. More than 25,000 people were damaged in Moldova. Whether or not these principals performing hacking found in Brazil and Moldova are identical is not known at the time of article creation.
Coinhive site key "oDcuakJy9iKIQhnaZRpy9tEsYiF2PUx4" is used in another # cryptojacking campaign targeting MikroTik routers. In this case, over 25,000 affected hosts are found on @ censysio
- Bad Packets Report (@ bad_packets) August 2, 2018
h / t @ ifyphe https://t.co/M9iLatsIVX
The vulnerability of the MikroTik router that caused this hack was provided by Firmware Update in April 2018 and it has already been modified . However, unlike computers and mobile terminals, the number of users updating routers is not so large, and the vulnerability that remains is still being exploited. It is a virtual currency mining hacking found in Brazil and Moldova, but since it is a MikroTik router that is used all over the world, it is also pointed out that the damage could expand on a global scale in the future.
Related Posts: