Cryptojacking has reared its ugly head in India again! According to reports, hackers have infected 30,000 routers with cryptocurrency mining malware called CoinHive. The script is used to secretly mine privacy focused cryptocurrency Monero (XMR). In this case, the compromised routers were used to mine cryptocurrencies on every web page a user visits.
The MicroTik brand of routers has been exploited for this purpose. Notably, these routers are being used by several telecom companies and Internet Service Providers (ISPs) in India. Cybersecurity research group Banbreach has identified that the three ISPs most affected by this mining malware include Honesty Net Solution, Elxire Data Services, and Gigantic Infotel Pvt. Delhi is the most affected, followed by Thane and Mumbai. Tier 3 cities have faced the highest impact of cryptojacking. Recently, many Indian government websites were also used by hackers for cryptojacking.
We recommend that users check their router brand and keep a close watch on their data and energy consumption patterns if they have subscribed to services from any of the ISPs named in the research report.