Tech 7 August 2018Dennis Wafula
Over 200,000 routers in Brazil, Moldova succumb to Monero cryptomining attack
It’s barely a week, and Monero (XMR) is on the spotlight again. According to recent reports, a malicious malware has been attacking over 200,000 routers in Brazil to mine the privacy-centric cryptocurrency.
The hackers have been attacking a particular brand of routers called MikroTik in order to conduct their operations. According to a Trustwave report, hackers used MikroTik routers after their system become vulnerable back in April. Upon realizing the security flaw, the MikroTik development team released a security patch to fix the issue; however, not all users were able to fix the problem, which exposed them to attacks.
A security flaw in MikroTik routers, known as CVE-2018-14847, reportedly affected the company’s Ethernet and Wi-Fi helped hackers to penetrate user computers and mine XMR. Reports show that the hackers began by infiltrating 175,000 routers in Brazil, and then expanded to the country of Moldova in Eastern Europe, where it attacked an estimated 25,000 routers. It is yet unclear whether the hackers that attacked the routers in Moldova is the same group that operated in Brazil.
The hackers used small chips in the router and the Coinhive, a Monero mining script, to penetrate a user’s computer. Although the malware is not stealing coins from users’ wallets, it affects the computers processing power. In addition, the malware uses a lot of electricity to mine the coin, which has made many users to pay high electricity bills.
Initially, the malware worked by attacking all the web pages. To avoid being detected, hackers resulted in attacking custom error pages and using a cleanup command. This helped them go unnoticed.
A researcher at SpiderLabs, Simon Kenin, found the cryptomining attack and reported it. In a blog post, Kenin warned that attack is quickly growing to spread across hundreds of thousands of MikroTik devices. He added that the malware stands to attack many people as each device serves at least 10, if not hundreds of users every day.
Our researcher @Simon_Kenin has discovered a massive #IoT #cryptojacking campaign affecting tens of thousands of unpatched @mikrotik_com routers in Brazil and going global. Read more here: https://t.co/SfIz7KKcnc
— SpiderLabs (@SpiderLabs) August 1, 2018
So far, the number of monero coins mined by the hackers is believed to be quite significant given the period the operation is believed to have been running.
Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.
Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.
Tech 17 minutes ago
Dr. Craig Wright on the “perfect” firewall
Dr. Craig Wright explains that Bitcoin does not need to be perfectly secure and that there is no such thing, but it needs to be resilient and available.
Tech 1 hour ago
Blockchain legal experts in very high demand, report reveals
It’s difficult to keep up with the demand for lawyers with knowledge on blockchain technology and other associated practices such as digital privacy, according to a report by Law.com.
Tech 18 April 2019
Pakistan eyes blockchain for digitalization of government processes
A meeting chaired by Pakistan Prime Minister Imran Khan discussed ways in which technologies such as blockchain could be used to ensure efficiency of government processes.