Brazil hacker targets 170,000 with crypto mining malware

August 10, 2018
Chris Wheal

A hacking attack last month launched on MicroTik routers targeted at least 170,000 devices in Brazil, according to a blog post published by security firm Trustwave.


Cryptojacking involves the instillation of mining malware: Shutterstock

The attack was a further example of so-called ‘cryptojacking’, in which hackers instal mining malware in individual’s systems so they can mine cryptocurrencies free of charge.

The latest incident in Brazil saw the installation of Coinhive mining software in a “mass” infection of more than 170,000 devices. Trustwave security researcher Simon Kenin reports that all of the devices used the same sitekey, indicating that a single entity reaped the mined tokens from all of the devices.

Kenin initially believed that the attack was confined to Brazil but subsequently noticed that other locations were also affected, suggesting that a worldwide attack was planned.

A growing trend

An earlier blog post from Trustwave, co-authored by Kenin, stated that Coinhive gained traction in 2017 as a service purporting to provide monetising solutions for websites without employing advertisements. Instead, site owners were to embed JavaScript code that would take hold of the central processing unit (CPU) power of site visitors to mine the cryptocurrency monero (XMR).

However, mining reportedly ended up costing site visitors up to 99% of their CPU processing power, leading to further issues for consumers whose devices generated more heat and used up large amounts of electricity.

Trustwave subsequently released a detection tool to block the mining malware. In his latest post, Kenin urges readers should heed his “warning call” and patch any MikroTik devices promptly, as the attacks could reach “hundreds of thousands” of consumers worldwide.

He adds that illicit cryptocurrency mining operations such as these are “a trend we’ve been seeing a lot of over the last three years, as attackers shift from ransomware into the world of miners.”


Post written by Chris Wheal
Chris Wheal is editor of OpenLedger's news and features service. An award-wining business journalists himself, he runs a team of freelance journalists from across the UK and north America.

Related News

OL DEX is closing all activities April 25, 2020
USDT (ERC-20) Gateway Enabled April 17, 2020