Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers
Our routers are our connection to the internet, allowing us to use our devices to access websites at our leisure. And because of this, routers are often a target for hackers. In fact, just this week, it was uncovered that MikroTik is the latest router manufacturer under siege, as researchers have discovered a massive Coinhive cryptojacking campaign that’s targeting MikroTik routers.
The attack first finds its footing by taking advantage of a vulnerability within MikroTik routers. Once it leverages the flaw, the attack changes the devices’ configuration to inject Coinhive cryptocurrency mining malware into users’ web traffic. For context, Coinhive is a
cryptocurrency mining service. Set up as a legitimate service, Coinhive is unfortunately often used by cybercriminals to hack websites and cryptojack users, aka steal the processing power of their devices to mine for cryptocurrency without their consent.
Which is precisely what’s happening to over 200,000 MikroTik customers, largely in Latin America. However, the attack has the potential to start spreading all over the world, given there are 1.7 million MikroTik routers all over.
Now, the next question is – what can these MikroTik users do to protect themselves from this attack? Start by following these proactive security tips:
- Update your router’s firmware. MikroTik actually patched this vulnerability back in April, but that doesn’t necessarily mean that users applied the required patch. Therefore, this attack is a reminder of just how important it is to regularly update your router’s firmware, as these fixes are typically included within each update.
- Check online notices. When made aware of vulnerabilities, manufacturers will notify the public, as well as make them aware of incoming fixes. Therefore, scan technical service bulletins or notices on a company site so that if a vulnerability does pop up with your router, you can learn what to do to help your device stay secure.
- Secure your home’s internet at the source. Your home router allows your entire family to connect to the internet. If it’s vulnerable, your internet activity can be compromised as a result – just like with this MikroTik attack. So, be sure to use a router with built-in security like McAfee Secure Home Platform, which provides protection against threats at the router-level.
The post Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers appeared first on McAfee Blogs.
More antivirus and malware news?
- At long last, Box readies for Wall Street debut
- Key Mobile Threat Takeaways from the 2018 Mobile Threat Report
- ServiceNow extends into security operations, incident management
- Update: Various Services Possibly Experiencing Delays or Errors
- Update: Known Issue: Quick ID to Activate Access Accounts
- The Importance of Access Control for IoT Devices
- How Antivirus Software Can be the Perfect Spying Tool
- FTC hits scary tech support scammers that make ‘virtual mayhem’
- New products of the week 4.4.16
- Video shows purported ‘iPhone 6’ case fits 6.1mm-thick iPod touch ‘exactly’