MikroTik routers Independent malware investigator has discovered a massive crypto jacking campaign to targets MikroTik routers and re-arrange their setup setting to insert a copy of the Cognitive in-browser cryptocurrency miners on computers connected to them.more than 210,000 routers from Latvian network hardware provider Mikrotik across the world.

 

The first campaign, noticed by Trustwave researchers, began with targeting networking devices in Brazil, where a hacker oTroy Mursch, another security researcher, has identified two similar malware campaigns that infected 25,500 and 16,000 MikroTik routers, mainly in Moldova, with malicious cryptocurrency mining code from infamous cognitive service.r a group of hackers compromised more than 183,700 MikroTik routers.

The first campaign, noticed by Trustwave researchers, began with targeting networking devices in Brazil, where a hacker or a group of hackers compromised more than 183,700 MikroTik routers.

Global Hacker-Troy Mursch has classified two similar malware attacks that affected 25,500 and 16,000 MikroTik Routers hacked, with malicious cryptocurrency mining code from infamous coinhive 

Three #cryptojacking campaigns targeting MikroTik routers.
Two using Coinhive, one using Crypto-Loot.
209,501 compromised devices.

— Bad Packets Report (@bad_packets) August 2, 2018

 

Hacker adding Coinhive’s Javascript within all web page that a user using regularly a vulnerable router, ultimately charging every compared computer to unknowingly mine Monero cryptocurrency for the miscreants.

It’s a good reminder for users and IT managers who are still running vulnerable MikroTik routers in their environment to patch their devices as soon as possible

The security flaw can probably enable an attacker to gain unauthenticated, remote administrative entrance to any vulnerable MikroTik router.