One can only imagine the scale of the latest cryptojacking attack. The trend of stealing internet users’ computing power to mine cryptocurrencies shows no signs of slowing down. In fact, it is quite the opposite: cryptojackers are getting smarter and more creative than expected.
A group of cybersecurity researchers has stumbled upon 3,700 routers that silently run cryptocurrency mining scripts. These particular routers had not been infected before, but it looks like the internet cowboys have changed that. This brings the total number of corrupted devices to 280,000. What is more concerning is the fact that just three months ago this number was 200,000. Read between the lines, babe: roughly 888 devices are being hacked every day. That makes 37 hacks per hour. Yet some dare to say cryptojacking is unprofitable.
— Bad Packets Report (@bad_packets) September 10, 2018
The recent discovery just proves that the attack that took place in Brazil one month ago is not over yet. Back then the culprits performed a “zero-day attack” on MikroTik routers, successfully compromising 200,000 of them. Prior to the attack, no one was aware of the existing vulnerabilities. As always, CoinHive was the software that was injected into the routers, thus allowing the hackers to effectively mine Monero.
CoinHive has been the most notorious piece of code on planet Earth in recent months. It is super popular among hackers as it is easy to use as well as effective. So far, the online criminals have infected AdSense banners, websites, Wi-Fi networks, and routers. Once a network (or a website) starts running CoinHive, the script hijacks computing power from users’ devices and mines Monero.
Unfortunately, cryptojacking is not the only tool the bad guys rely on. We have to fear Android Banker as well. It is a Trojan Horse virus, which effectively circumvents two-factor authentication (2FA) and thus steals usernames and passwords. Hackers primarily use it against banking apps and have already compromised 200 applications in 2018 alone.
Android Banker with 190+ targeted banking apps, including cryptocurrency exchanges. Most victims are from USA 🇺🇸, weird.
50+ victims with phished banking credentials + card cards.
Can bypass SMS 2FA
Setting > Security > "Unknown sources" -> DISABLE pic.twitter.com/vD8Uuuc9F9
— Lukas Stefanko (@LukasStefanko) September 8, 2018
Never ever download and trust applications from unknown sources. You will thank me later.