Crypto-jackers are not resting and keep devising new schemes to mine virtual assets fraudulently. The latest involves routers infected with malware. Researchers found that over 415,000 routers worldwide are infected. This malware steals computing power to secretly mine cryptocurrency.

MikroTik Routers Are the Primary Target

The hijack, still ongoing, mainly targets MikroTik routers. This is not the first time hackers have gone after MikroTik. In August, over 200,000 devices were found infected. Since then, attacks have more than doubled.

Global Spread of the Infection

Although Brazil has the majority of devices affected by this new attack, many infected devices are scattered worldwide.

It is important to note that the data only shows IP addresses already infected with malware. So, the exact number of affected routers may be slightly inaccurate. However, this does not change the fact that the total number of compromised devices is very high.

Expert Estimates and Shift in Malware Preferences

According to security researcher VriesHD, “It wouldn’t surprise me if the actual number of infected routers in total would be somewhere around 350,000 to 400,000.”

Before the barrage of attacks started on MikroTik routers, the preferred brand was CoinHive, a mining software used by Monero. This indicates that attackers have shifted their focus to another software.

“CoinHive, Omine, and CoinImp are the biggest services used. It used to be like 80-90 percent CoinHive, but a big actor has shifted to using Omine in recent months,” VriesHD stated.

How to Curtail the Attacks

Not all hope is lost for victims of these attacks. They can still take steps to protect themselves and reduce damage. Troy Mursch, a security expert from Bad Packets Report, urges owners of affected routers to “immediately download the latest firmware version available for their device.”

VriesHD added that internet service providers (ISPs) can help stop the infection’s spread by “forcing over-the-air updates to the routers.”

Summary

Researchers have discovered that more than 415,000 routers around the world have been infected with malware designed to illegally take computing power and mine cryptocurrency secretly. MikroTik routers have been the hardest hit in this new string of crypto-jacking.