Over 200 milllion devices were infected alll over the world, a huge figure that sugests how much these hackers make from infecting deevices with malware to mine cryptocurrency.
“Cryptojacking” is a form of cyber-attack in which the attacker, a hacker, seizes the mining power of the target to mine cryptocurrencies on behalf of the hacker. Cryptojacking is one of the contemporary cybercrimes and a challenge to victims in the crypto space. It has become a wide known means of extracting money in form of cryptocurrency from the victims; unauthorized use of an organisation or individual’s computer to secretly mine cryptocurrency.
Several continents were affected by the publicized WannaCry worm that affected their systems in 2017 and Bitcoins were requested as ransom to decrypt it. Cryptojacking takes different forms depending on the attacker but the victim always has to bear the consequences: cost of mining as well as the damages made to the computer. It often occurs when users click on malicious links or when they visit infected websites. Coin-miner programmes are always installed on their computers by the cyber criminals to secretly mine cryptocurrency for them.
The cybersecurity company, Trend Micro has collaborated with INTERPOL to suppress the cryptojacking affecting MicroTik routers along south-East Asia, according to a press release. The collaboration was said to have made serious impact. The numbers of affected devices were reduced by 78 percent after a five-month police operation led by the INTERPOL that ended officially in November.
Although the operation, “Goldfish Alpha” has ended, efforts are still on-going to remove the infections from the remaining devices. Experts in the cybercrime space and police force collaborated from the major ASEAN countries – Indonesia, Cambodia, Malaysia, Philippines, Singapore, Thailand, Vietnam, Laos, Brunei and Myanmar – to locate the routers and notify the victims.
Trend Micro developed a “cryptojacking mitigation and prevention” document as part of the “operation Goldfish Alpha”. It contained details on how an infection that affected common brands and enterprises led to infection of thousands of devices being infected across the ASEAN region. It also contained Trend Micro software that could detect and eliminate the cryptojacking malware. Over 20,000 devices were restored by the police, expeerts from the national Computer Emergency Response teams and the cybersecurity firm. This reduced the number of infected devices in the region by 78 percent.
It was reported that these hackers made a lot of money from these cryptojacking and infected devices in this region. The infection affected virtually all MicroTik routers and the major router-OS software. The hashrate figures varied widly depending on the types of processors. The estimates of the hashes were 300 per second for the common ARM processors found in mobile phones according to the Monero community.
With that hashrate and the number of devices restored from the infection, it suggests that the hackers made an estimate of $13,000 per month from infected devices. Profit from mining has varied within the last two years but the monthly income from cryptojacking is still between five to six figures. These cybercriminals have made tons of money from this illegal activity. The figure of devices affected all over the world is not clear.