CoinHive Monero Crypto Mining Malware Hits 30,000 Routers in India as CryptoJacking Threat Continues
Crypto Jacking Epidemic Hits 30 Thousand Routers Across India
The cryptojacking epidemic currently hitting the world seems far from over and is only getting bigger. Banbreach recently reported on Twitter that almost 30 thousand routers in India are now infected with the Coinhive cryptojacking malware.
#Cryptojacking in #India: Nearly 30,000 #MikroTik routers in India are infected with #Coinhive. Here's what it looks like today via two different search engines. (h/t @bad_packets for finding this originally) pic.twitter.com/ue9klBY0kS
— Banbreach (@Banbreach) October 5, 2018
Before India, the crypto mining malware hit thousands of computers in Brazil, reports indicate. The attackers seem to be waging a war on the internet and have forced almost 280,000 MikroTik routers in Latin America to mine Monero (XMR) for them.
According to the reports, the number of compromised computers in India is very high and has doubled over the past month. In the top 3 cities of the country alone, the infection rate has grown by 500%. Even worse, internet service providers in India are distributing infected routers, unaware of the issues that have affected them.
Coinhive Is The Attackers’ Favorite Tool
The main malware used by the hackers is a modified version of the Coinhive mining protocol, which normally enables browsers to mine cryptocurrency and is particularly focused on Monero.
Coinhive is a tool that can be used legitimately, for instance to raise money for charities, but it can also be used to steal computing power from other people and mine cryptocurrency on their computers.
To make matters worse, the hackers appear to be intensifying their use of this malware and have been releasing new versions of it to spread it as quickly as possible.
According to data gathered and shared by McAfee Labs, more than two and a half million versions of the cryptojacking malware exist, and most of them are related to Coinhive. All of these versions have been issued in the past three months.
Crypto Jacking Succeeds In
Researchers have mapped the traffic to understand which areas are most affected by these issues. They use tools that track the IP addresses of routers to determine where they are located. For instance, Banbreach used the IPs to divide the attacks into three areas.
The graphic on the link shows that remote cities are more heavily infected than metropolitan areas. The group explains that this happens because cybersecurity awareness is lower in these non-metropolitan areas of India.
It is believed that Coinhive is able to generate about $250,000 USD worth of Monero in a single month. While not all of this comes from cryptojacking, the number shows just how profitable it can be for hackers to use this technology to steal the computing power of users.
The brand most affected is the MikroTik brand of routers. If you have one, you should patch it or contact your official internet provider or the manufacturer.