Cybersecurity experts from the company Trustwave discovered a massive hacker attack aimed at MikroTik routers. The attackers change the configuration of the devices and implement them in the copy of the script Coinhive allowing covertly mine cryptocurrency in the user’s browser. According to experts, initially the activity of the attackers was limited to devices from Brazil, but later they began to focus on the MikroTik routers around the world.
In Brazil in the early stages was hacked about 7.2 thousand devices currently infected more than 200 thousand routers. The intruders discovered in April of this year, the zero-day vulnerability in a component Winbox MikroTik routers. The manufacturer has released a patch less than a day after discovery, but not all the owners of the routers apply the patch.
“There are hundreds of thousands of these devices worldwide, which are used by Internet service providers, various organizations and enterprises. While each device serves daily tens if not hundreds of users” — experts say.