The cryptocurrency industry has a voracious appetite for both electricity and computing power. As a result of this, some users are looking for creative ways to boost their own mining capacity. The less scrupulous among them are turning to cryptojacking to steal computing power from unsuspecting bystanders. This originally became an issue as a result of the CoinHive software – a lightweight Monero mining program that can run through a web browser. Monero’s (XMR) intrinsic ASIC resistance makes mining relatively cost-effective – and further makes it the perfect candidate for cryptojacking.
While some first party sites have leveraged CoinHive as an opt-in advertising alternative, it remains the weapon of choice for malicious actors in the crypto-sphere. Now, hackers are exploiting security flaws in MikroTik routers to turn them into miniature mining rigs. Rather than the blatant CPU slowdown caused by directly infecting a user’s computer with malware, this process is more insidious. The end user may notice an internet slowdown but will not be able to identify the issue without checking the router itself.
MikroTik’s Cryptojacking Epidemic
Bad Packets, a group focused on researching the growing plague of cryptojacking issues, identified the issue in July. After collecting a considerable amount of data, they made this information available to the public – calling attention to the new form of malware. It appears that the hackers are using a suite of mining programs in addition to the aforementioned CoinHive software. Brazil is far and above the most infected country – with Southeast Asia and Eastern Europe trailing behind.
The hackers focused on MikroTik’s routers due to several security flaws that were easily exploitable. They can gain access to the router through bypassing authentication, after which they install their mining software of choice. Several updates are available from MikroTik that will patch these security flaws and prevent this form of cryptojacking – but it remains to be seen if other routers are suffering similar problems.
Cryptocurrency’s Persistent Image Problem
Increasingly sophisticated cryptojacking operations are not beneficial to cryptocurrency’s public image. While great strides occurred in 2017, the prolonged bear market and near total collapse of 2018 undid much of blockchain’s public outreach. The average non-user still views cryptocurrency as not only suspicious – but potentially illicit. Due to Bitcoin’s storied past on the dark web, many non-users view it as a vehicle for drug purchases.
Preventing malware associated with cryptocurrency will be criticalin gaining greater adoption – and groups like Bad Packets are on the frontlines of the battle. Proactively locating and disabling illegal mining ringswill help bring a necessary appearance of legitimacy to the market.
Article By: Adam Stone
