Researchers have discovered that over 415,000 MikroTik routers have been infected with cryptojacking malware that allows hackers to secretly mine cryptocurrency by stealing the computing power of computers connect to the routers.
The cryptojacking malware was first discovered in August and the number of affected routers has more than doubled since then. In August it was reported that around 200,000 routers were affected.
The number of infected devices expanded worldwide including routers in North America, South America, Africa, Europe, the Middle East, and Asia.
The report said hackers injected Coinhive script onto every webpage that a user visits by exploiting a security flaw in older versions of the router’s firmware.
MikroTik has released a patch within a day of discovery and it is highly suggested that customers of MikroTik should immediately install the latest firmware in order to protect their devices.
MikroTik routers have the great market presence, and many internet service providers and organization use it. The spread of router infection up to such a great extend shows that many of organizations had not installed the latest firmware of router.
The main relax point of crypto jacking attack was that it doesn’t compromise any personal information or transmitted any on the network. Crypto jacking attack is mainly used by hacker to use computing power and resources for mining of crypto currency,” Manish Kumawat, director at Cryptus Cyber Security, said.
Even though the patch has been released, it won’t be of much help because most standard users never care to update their routers even if they know how to. Router companies are slowly shifting to auto-updating frameworks.
“Once a router gets hacked/exploited, cryptojacking is just only one possible attack scenario. In real life, an attacker gets a much wider access and can literally steal all information of the users and the websites they are browsing,” Ankush Johar, director at Infosec Ventures, said in a statement.