Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers
Our routers are our connection to the internet, allowing us to use our devices to access websites at our leisure. And because of this, routers are often a target for hackers. In fact, just this week, it was uncovered that MikroTik is the latest router manufacturer under siege, as researchers have discovered a massive Coinhive cryptojacking campaign that’s targeting MikroTik routers.
The attack first finds its footing by taking advantage of a vulnerability within MikroTik routers. Once it leverages the flaw, the attack changes the devices’ configuration to inject Coinhive cryptocurrency mining malware into users’ web traffic. For context, Coinhive is a
cryptocurrency mining service. Set up as a legitimate service, Coinhive is unfortunately often used by cybercriminals to hack websites and cryptojack users, aka steal the processing power of their devices to mine for cryptocurrency without their consent.
Which is precisely what’s happening to over 200,000 MikroTik customers, largely in Latin America. However, the attack has the potential to start spreading all over the world, given there are 1.7 million MikroTik routers all over.
Now, the next question is – what can these MikroTik users do to protect themselves from this attack? Start by following these proactive security tips:
- Update your router’s firmware. MikroTik actually patched this vulnerability back in April, but that doesn’t necessarily mean that users applied the required patch. Therefore, this attack is a reminder of just how important it is to regularly update your router’s firmware, as these fixes are typically included within each update.
- Check online notices. When made aware of vulnerabilities, manufacturers will notify the public, as well as make them aware of incoming fixes. Therefore, scan technical service bulletins or notices on a company site so that if a vulnerability does pop up with your router, you can learn what to do to help your device stay secure.
- Secure your home’s internet at the source. Your home router allows your entire family to connect to the internet. If it’s vulnerable, your internet activity can be compromised as a result – just like with this MikroTik attack. So, be sure to use a router with built-in security like McAfee Secure Home Platform, which provides protection against threats at the router-level.
The post Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers appeared first on McAfee Blogs.
More antivirus and malware news?
- BlackBerry’s IoT plans start close to home: cars, asset tracking
- Hackers Exploit Recently Patched Apache Struts Flaw
- 1,000 alleged paedophiles identified via 10-year-old Filipina CGI girl ‘Sweetie’
- How Mobile Phones Turn Into A Corporate Threat
- Half of iPhones on corporate networks run outdated software
- FAA panel: Wi-Fi is safe on planes even during takeoff and landing
- Typing while Skyping could compromise privacy
- Adobe Patches 23 Vulnerabilities in Flash Player
- Malicious uploads allowed hijacking of WhatsApp and Telegram accounts
- Twitter glitch makes it more difficult to report abuse, while "mute" is on its way