The rate at which ingenious methods are generated for the purpose of cryptojacking has steadily increased over the years, as shown by a recent revelation of the number of routers being hijacked for illegal crypto mining.
While new countermeasures are being developed by the minute, the fast growing pace of technology ensures that illegal operations continue to get easier and newer too. Notable security researcher, VriesHd shared an alarming statistic on his Twitter page on Sunday, reporting an exponential increase in the number of ‘cryptojacked’ routers within this year and the last. Surprisingly enough, world’s foremost and leading router & ISP provider, MikroTik has been the most exploited victim in the mining-onslaught. The Latvian powerhouse finds itself as the sole target of some carefully generated scripts and bugs made to exploit lapses in the older versions of its firmware.
Just three different ways to abuse vulnerable Mikrotik routers to try to mine cryptocurrencies. Total combined 415 thousand results. Many more ways active. pic.twitter.com/u01HEr2UQy
— Kira 2.0 (@VriesHd) December 2, 2018
The Evolution of Cryptojacking
“Crypto mining is in its infancy. There’s a lot of room for growth and evolution.” This is a reasonably famous statement made by Marc Laliberte, a threat analyst at a US-based security solutions provider, WatchGuard Technologies— and he couldn’t have been more right.
The act of crypto jacking has shed its initial baby skin and fleshed out into a ravaging problem troubling billions of online users across the world. Its fast growth and adaptation to countermeasures have forced security companies and softwares such as Adguard to take note and ‘do something.’ Adguard recently shared a disturbing finding that showed more than 33000 websites with a combined user base of about a billion people running illicit crypto mining scripts.
The top malwares found of course include the top two crypto jacking miscreants: CryptoHive and CryptoLoot. CryptoHive which popped up a lot during VriesHd’s latest research started as a legitimate software for Monero users only to be seized into a powerful crypto jacking tool for cybercriminals.
MikroTik’s Ticking Statistics
From a similarly disturbing number of about 200,000 affected MikroTik routers, the latest statistics has more than surged past twice its earlier record, surpassing 415000 routers in 2018. The effect of the malwares continues to spread beyond its earlier affected area— leaving the shores of Brazil to sweep into North America and even Africa in the latter part of this year. In October, reports revealed that MikroTik routers infected with malwares in the tenth month alone exceeded 81000. The numbers have continued to increase with India also posting numbers close to 30,000.
VriesHd has said he wouldn’t be surprised if the actual victims were in truth more than the reported numbers as IP addresses were the only criteria employed in doing the research. He has implored MikroTik users, both individuals and organizations to make necessary updates.