The first hint of the attacks was discovered by a researcher who goes by the nickname MalwareHunterBR and who tweeted that the miner had started to spread at an alarming rate. In addition, news has also broken that the first stages of the attack compromised about 70 thousand routers alone.
What is Behind Coinhive’s Infection Success
It is believed that the hacker may have used one of the exploits for MikroTik devices to perform a zero-day type of attack through one device and then drop a copy of the Coinhive library onto that device. This library is also included in all of the pages which are displayed by the router, making all of the devices connected to it vulnerable.
Furthermore, since the zero-day has been exploited using only one Coinhive key for all of the injections performed by Coinhive over the past week, it is believed that only one attacker is behind the attack.
The injection has worked with tremendous success because of how the attack is carried out and because the infection process has succeeded in obtaining control of incoming and outgoing traffic.
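A defender's check for the injection described above, as an added example that is not part of the original post: it scans captured HTTP response bodies for the Coinhive library and groups the hits by site key, since one key shared across many routers is what points to a single attacker. The script file name and the `CoinHive.Anonymous` / `CoinHive.User` constructors follow Coinhive's public embed snippet and are assumptions about the injected markup; the sample pages, addresses and key value are constructed.

```python
import re
from collections import defaultdict

# Script tag that loads the Coinhive library (file name as in Coinhive's public
# embed snippet; an assumption about what the injected markup looks like).
LIB_RE = re.compile(r"<script[^>]+src=[\"'][^\"']*coinhive(?:\.min)?\.js[\"']", re.I)
# Miner constructor carrying the site key, e.g. new CoinHive.Anonymous('KEY').
KEY_RE = re.compile(r"CoinHive\.(?:Anonymous|User)\(\s*[\"']([A-Za-z0-9]+)[\"']", re.I)


def scan_response(body: str) -> dict:
    """Report whether the library is referenced and which site keys appear."""
    return {
        "library": bool(LIB_RE.search(body)),
        "keys": sorted(set(KEY_RE.findall(body))),
    }


def group_by_key(responses: dict) -> dict:
    """Map each site key to the sorted list of sources whose pages carry it."""
    groups = defaultdict(list)
    for source, body in responses.items():
        result = scan_response(body)
        if not result["library"] and not result["keys"]:
            continue  # clean page, nothing to report
        # A library reference without a readable key is still reported.
        for key in result["keys"] or ["<unknown-key>"]:
            groups[key].append(source)
    return {key: sorted(sources) for key, sources in groups.items()}


# Constructed sample: pages fetched through four routers (documentation-range IPs).
INJECTED = ('<html><head><script src="https://coinhive.com/lib/coinhive.min.js"></script>'
            "<script>var m = new CoinHive.Anonymous('EXAMPLEKEY0001'); m.start();</script>"
            "</head><body>error page</body></html>")
SAMPLES = {
    "192.0.2.10": INJECTED,
    "192.0.2.11": INJECTED.replace("error page", "login page"),
    "192.0.2.12": "<html><body>status page</body></html>",
    "192.0.2.13": '<script src="/lib/coinhive.min.js"></script>',
}

if __name__ == "__main__":
    for key, sources in group_by_key(SAMPLES).items():
        print(f"{key}: {len(sources)} source(s) -> {', '.join(sources)}")
```

Many sources collapsing onto one key is the pattern the post describes; a source listed under `<unknown-key>` loads the library but hides or omits the key and needs a manual look.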
For more information and removal of the Coinhive miner, you should visit the related article.
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Vencislav Krustev. Read the original post at: https://sensorstechforum.com/coinhive-miner-virus-outbreak-infected-170000-routers/