A group of Brazilian systems were attacked on 3rd August, 2018. The attackers installed a malicious code which would use the hardware of the router to mine Monero. Simon Kenin, who’s a researcher at TrustWave discovered that they attacked the routers which were made by Mikrotik and attacked over 200,000 routers.
As reported by Forbes, the attackers were able to hack into the router because of a small microchip located inside the router. The chip isn’t that powerful, but it for sure can do much more than connecting the user to WiFi. Also, we shouldn’t forget that the attackers attacked more than 200,000 routers which could provide good amount of computing for mining.
On doing research, it was found that the attackers setup a globally available Monero mining script from CoinHive. The script is used by a lot of websites especially torrent and download sites. Mining isn’t a bad activity, but performing it without permission is unethical. Google also took an initiative and started removing mining extensions from the Chrome Store.
For those who are new to mining, it’s the process which is responsible for transfer of cryptocurrency tokens from one address to another address. The people who provide resources for the process are called miners. They get rewarded for allocating their resources.
Although, the attackers were just mining via router but the attack could have gotten even serious if they routed the traffic and installed ransomware on the user system. Users could have lost their important data and have had their systems compromised. But we shouldn’t forget the fact that continuous mining can degrade the power of the devices.
We got in touch with the manufacturer for statement regarding this, They said that the company provided a security patch in April. So the attack supposedly happened on the routers which were not updated. This brings us to another conclusion that, one should always stay on the latest stable software builds.
