Cryptojacking has been a problem for quite some time now in the industry as the number of such attacks are growing at an alarming rate. According to the latest report released by Cybersecurity firm Banbreach, the number of routers in India that were exploited by cryptojacking software has doubled in the past month.
30,000 routers across India now in control of cryptojackers
According to Banbreach’s report, hackers have taken control of over 30,000 routers across India. While performing the research, Banbreach separated areas of India into three distinct categories according to population density. The report states that 45% of the exploited routers in India are located in the least densely populated regions.
The number of compromised routers have doubled in the past month. For the top three cities with the most infected routers, the growth has been ~5x. pic.twitter.com/TuCxt0evnb
— Banbreach (@Banbreach) October 5, 2018
Banbreach was able to successfully monitor Internet traffic and identify all devices connected to the Internet with public IP addresses. This enabled the firm to examine traffic passing through routers.
CoinHive seems to be a favorite tool of the attackers. The main malware that is being used by the hackers is a modified version of the CoinHive mining protocol, which enables browsers to mine crypto normally and is particularly focused on Monero. To make matters even worse, it seems like the hackers are trying to intensify the action of this malware and have even been releasing new versions of it to spread it as quick as possible. According to data gathered and shared by McAfee Labs, more than two and a half million versions of the cryptojacking malware exist and most of them are related to CoinHive. All of these versions have been issued in the past three months.
On the hardware front, among the brand of routers that are being affected the most is MikroTik brand of Routers.
The rise in cryptojacking attacks
This report is not the first one which showed the rise in Cryptojacking. In June California-based cybersecurity firm, Proofpoint Inc also gave the same data regarding CoinHive-based cryptojacking attacks. According to the report, there has been a 460m percent surge in CoinHive-based cryptojacking attacks the firm also reveals that a large percentage of these attacks are carried out via mobile phone apps. The apps mine cryptocurrency, usually Monero – a privacy-centric coin, in the background while the phone is in operation. Earlier in 2018, the company announced that there were 19 smartphone apps infected with CoinHive malware. These apps have since been removed from the Google Play Store. However, Proofpoint reports that CoinHive activity seems to be increasing.
In April this year, Symantec’s latest Internet Security Threat Report (ISTR) highlighted that Cryptojacking attacks exploded by 8,500% in 2017 becoming the latest threat to cyber and personal security with cybercriminals. Even Quick Heal, in July, said that it has detected more than 3 million crypto jacking hits between January and May 2018. Quick Heal Security Labs expects these numbers to grow even further, as more cybercriminals leverage crypto jacking as a lucrative channel for generating illicit revenues.
The rise in crypto jacking is a real threat that the world is facing today and with time it is pretty clear that such attacks would increase in the manifold. Hence cybersecurity firms need to step their game to nullify this risk.
Will, there be a permanent solution for cryptojacking soon or will crytojackers continue attacking users? Do let us know your views on the same.