Cryptojacking epidemic hits 30 thousand routers throughout India
The cryptojacking epidemic affecting the world seems far from over and is only getting bigger. Banbreach recently reported on Twitter that almost 30,000 routers in India are now infected with Coinhive cryptojacking malware.
#Cryptojacking in #India: Almost 30,000 #MikroTik routers in India are infected by #Coinhive. Here's how it looks today through two different search engines. (H/t @bad_packets for having found this originally) pic.twitter.com/ue9klBY0kS
– Banbreach (@Banbreach) 5 October 2018
Before India, the infection hit thousands of computers in Brazil with cryptocurrency-mining malware, according to reports. These hackers seem to be waging war on the Internet and have forced almost 280,000 MikroTik routers in Latin America to mine Monero (XMR) for them.
According to reports, the number of compromised computers in India is very high and has doubled since last month. In the country's top 3 cities alone, the infection rate has increased by 500%. Even worse, Internet service providers in India are distributing infected routers, unaware of the problems affecting them.
Coinhive is the favorite tool of attackers
The main malware used by the hackers is a modified version of the Coinhive miner, which normally lets browsers mine cryptocurrency and is particularly focused on Monero.
Coinhive is a tool that can be used for charity, for example, but it can also be used indirectly to steal other people's computing power and mine cryptocurrency on their computers.
To make matters worse, it seems that hackers are stepping up their use of this malware and have even released new versions to spread it as quickly as possible.
According to data collected and shared by McAfee Labs, there are more than two and a half million versions of cryptomining malware, and most of them are linked to Coinhive. All these versions have been released in the last three months.
Cryptojacking finds its way in
The researchers mapped the traffic to understand which areas are most affected by these problems. They use tools that trace the routers' IP addresses to determine where they are located. For example, Banbreach used IP addresses to divide the attacks into three areas.
The image at the link shows that remote cities are more heavily infected than metropolitan areas. The group explains that this happens because awareness of computer security is lower in these non-metropolitan areas of India.
It is believed that Coinhive is able to generate approximately $250,000 USD in Monero in a single month. While not all of this comes from cryptojacking, the number shows how useful it is for hackers to use this technology to steal users' computing power.
The most affected router brand is MikroTik. If you have one, you should patch it or contact your internet provider or the manufacturer.