Compromised Routers in India are Growing at an Alarming Rate
Cryptojacking is spreading like wildfire and has now engulfed India after reports of the same in Brazil. Hackers are said to have compromised more than 30,000 routers across India to mine cryptocurrencies.
About 2,80,000 MikroTik routers have been hacked to mine Monero (XMR) in Brazil. This plague has now set its sights on India.
The Investigation
Banbreach tweeted that more than 30,000 MikroTik routers have been infected by this malware.
#Cryptojacking in #India: Nearly 30,000 #MikroTik routers in India are infected with #Coinhive. Here's what it looks like today via two different search engines. (h/t @bad_packets for finding this originally) pic.twitter.com/ue9klBY0kS
— Banbreach 🐘 (@Banbreach) October 5, 2018
Another security enthusiast from Mumbai commented that the routers provided by his ISP were infected and outdated. According to Banbreach's reports, the number of infected routers doubled during the month of September, and for the major cities Mumbai, Thane, and Delhi the growth of infected routers has increased five-fold.
Banbreach divides India into three tiers, Tier 1 being the densest and Tier 3 the least dense. The research reveals that the least dense cities are the most infected with this malware.
More About Crypto-Jacking
Cryptojacking is not a new trick; hackers have used it to mine XMR illegally for a long time. Last month it was found that government websites were exploited to mine XMR. A total of 119 websites were found to contain this cryptojacking code from Coinhive.
Coinhive code in itself isn't harmful, as it is used by charities to raise money indirectly, but the hacking community has found a not-so-good use for it. That isn't the end of it: these codes are being modified and spread as quickly as possible.
According to data shared by McAfee Labs, more than 2.5 million versions of cryptojacking malware were found in the last three months, and most of them were Coinhive related.
Why Monero?
Monero is the safest cryptocurrency to mine illegally due to its anonymity. Unlike other cryptocurrencies, Monero uses CPU power to compute the cryptographic codes, and its transactions can't be digitally tracked, which makes it an ideal choice for hackers. No Coin is a Google Chrome extension that can be used to block sites that run cryptocurrency mining code.
Apart from the websites that mine cryptocurrencies, there are apps that mine them without your consent and slow down your phone. These apps were also found to run Coinhive code. Most of the apps were reported and taken down, but many still persist. Be careful about the sites you visit and take care not to get infected by this malware.