Interpol and Trend Micro Join Forces To Knock Out Cryptojacking Malware By 78%
- The affected devices were MikroTik routers running the RouterOS system.
- Data suggests that a total of 200,000 devices were potentially impacted.
A major cryptojacking attack is affecting MikroTik routers throughout South-East Asia. In an effort to fight back, Interpol has decided to collaborate with Trend Micro, a cybersecurity firm, according to a recent press release on January 8th. Mining hashrate is seemingly not impacted, though the number of affected devices dropped by 78%.
Cryptojacking is a type of attack that infects devices with crypto mining malware, so that the victim’s resources are used to mine cryptocurrency with or without the victim’s knowledge. Trend Micro joined the efforts of Interpol’s Global Complex for Innovation to help clean the infected routers.
The efforts, known as “Operation Goldfish Alpha,” included the creation of a guidance document called “Cryptojacking Mitigation and Prevention.” The guidance described how a vulnerability put a particular (but common) brand of home and enterprise router at risk, and how victims can use Trend Micro software to remove the malware from their devices. Through these efforts, over 20,000 affected routers have since been restored.
This vulnerability particularly impacted routers running RouterOS, the proprietary operating system from MikroTik. These routers include quite a broad spectrum of ARM-based CPUs, starting with single-core 600 megahertz processors. The compromised devices were used to mine Monero, one of the few coins that everyday CPUs can actually mine, which became even easier with the RandomX upgrade.
According to the CryptoCompare calculator, the attackers would stand to make $13,000 a month across the 20,000 devices at current hashrate figures. Still, estimates suggest that the total number of affected devices was approximately 200,000 since the year prior. Before the RandomX upgrade, the ARM processors only managed to reach 10 hashes per second. Over the last two years, the profitability of mining has changed a lot, but the revenue from the attack has most likely already reached up to six figures.
According to Interpol, Cyber Defense Institute pitched in on the efforts as well. Craig Jones, the director of cybercrime for Interpol, stated,
“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated. By combining the expertise and data on cyberthreats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”