The cryptojacking malware was first discovered in August and the number of affected routers has more than doubled since then. In August it was reported that around 200,000 routers were affected. The attack affects MikroTik routers in particular. Initially, most of the compromised routers were concentrated in Brazil. However, according to the reports, the number of infected devices has expanded worldwide including routers in North America, South America, Africa, Europe, the Middle East, and Asia.
Hackers were able to inject Coinhive script onto every webpage that a user visits by exploiting a security flaw in older versions of the router’s firmware. MikroTik has released a patch within a day of discovery and it is highly suggested that customers of MikroTik should immediately install the latest firmware in order to protect their devices.
Manish kumawat, Director at Cryptus Cyber Security Pvt Ltd, an organisation that provides Cyber Security Services, Corporate Training to the govt. & Private organizations, said. “It was found that malware origin compromised routers were located in Brazil. After that with spreading of this malware threat, it is observed that routers in Africa, North America, South America, Europe, the Middle East and Asia have also been infected. MikroTik routers have the great market area, and many internet service providers and organization use it. The spread of router infection up to such a great extend shows that many of organizations had not installed the latest firmware of router.”
Users are suggested to update their router by logging into the admin panel of the router and click on firmware update or router update.