RATE Group | Cryptocurrency Malware Infects Over 200,000 Mikrotik Routers
37990
post-template-default,single,single-post,postid-37990,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Cryptocurrency Malware Infects Over 200,000 Mikrotik Routers

07 Aug Cryptocurrency Malware Infects Over 200,000 Mikrotik Routers

Posted at 16:00h in Cryptocurrency News by

[ad_1]

A cryptojacking campaign has affected over 200,000 routers made by Mikrotik, the Latvian networking company. 

A Months-Old Vulnerability Exploited

Security researchers recently mapped a series of cryptomining attacks, which initially attacked a large number of users in Brazil to create a growing mining botnet by infecting compromised devices with malware.

According to reports, the devices targetted for the attack were Mikrotik routers which had an outdated software patch.

In April 2018, the company patched a remote access vulnerability which allowed attackers to remotely gain unauthenticated administrative access to the Mikrotik routers.

Some security researchers who reverse engineered Mikrotik’s patch then published a proof-of-concept exploit explaining how to use the recovered vulnerability to access Mikrotik devices.

Some security researchers who reverse engineered Mikrotik's patch then published a proof-of-concept exploit explaining how to use the recovered vulnerability to access Mikrotik devices.

This information was used to infect the routers with code that loads the CoinHive browser-based cryptomining software.

This happens whenever users accessing the…

[ad_2]

Source link

Tags:
, , , , ,