On the 3rd of August, a group of Brazilian systems were infected by malicious software that targets a specific brand of router. This was discovered by Simon Kenin, a Trustwave researcher, who said that MikroTik routers were being targeted and that over 200,000 routers across the country had been secretly programmed to mine Monero [XMR].
The attackers were able to hack their way into the routers using malicious code that covertly runs Coinhive in the background. Monero is mined on CPUs, and Coinhive, a well-known Monero mining script, is used globally to mine coins. This also makes it easier to hack systems.
According to Forbes, this was possible because of a small microchip inside the router that is similar to that of any handheld device. This microchip is not very powerful but is still capable of doing more than just connecting a user to the web or enabling WiFi services.
Furthermore, although mining activities do not pose a threat to crypto users or their accounts, they can seriously degrade a computer and significantly reduce the speed at which a system works. In addition, the risk is greater for handheld devices, as mining can cause the device to overheat to the point where it can melt.
Although a patch for this threat was provided by the manufacturer in April, many routers were not updated.
In his analysis, Kenin said:
“Let me emphasize how bad this attack is, there are hundreds of thousands of these devices around the globe, in use by ISPs and different organizations and businesses, each device serves at least tens if not hundreds of users daily.”
Simon states that mining has become a trend in the cryptocurrency world, and it now appears that using scripts like Coinhive has become the latest trend.
He continues:
“Miners, on the other hand, can be a lot more stealthy, so while a single computer would yield more money from ransomware if the user ends up paying, an attacker would prefer to run a stealthy miner for a longer period of time. The plan being that at some point the mining would be as profitable as, if not more than, the one-time ransom payout.”