Hackers Compromise 30,000 Routers in India – Cryptojacking Report


Cryptojacking—the illegal act of mining cryptocurrency using someone else’s computer without authorization—is one of the major ways hackers …..

Banbreach, an Indian-based security firm, has released a report showing an increased number of routers affected by cryptojacking software in India.

In its post released on Thursday, Banbreach noted that the number of compromised routers is almost 30,000, double the number from last month. For cities with the highest prevalence of infected routers, Banbreach said the increase is five-times the numbers from last month.

Banbreach wrote:

#Cryptojacking in #India: Nearly 30,000 #MikroTik routers in India are infected with #Coinhive. Here’s what it looks like today via two different search engines. (h/t @bad_packets for finding this originally)”

Banbreach cryptojacking report India top 3 cities
source: Banbreach

The security firm tracked the traffic on all devices connected to the internet via public IP addresses and was able to identify traffic passing through routers. With this data, Banbreach sought to find a pattern around the cryptojacking activity.

Breakdown of Cryptojacking findings

Banbreach discovered that less densely populated areas had more proportion of infected routers. Having grouped the cities into three tiers—tier 1 being the most populated—it found that Tier 3 was the most affected followed by tier 1 and finally tier 2 as the chart portrays.

Banbreach cryptojacking report India tier 1 tier 2 tier 3 regions
source: Banbreach


Fighting Cryptojacking

The cryptojacking report by Banbreach comes after it was revealed last month that hackers were already using 280,000 MicroTik routers to illegally mine Moreno [XMR] illegally from peoples’ PCs. In the previous month, the number of infected routers was 200,000.

Considering the menace which this is, efforts have been made to curb this activity of hackers. As Smartereum reported in April, Google banned cryptocurrency mining extensions on its Chrome browser. Recently it reviewed its Chrome browser extension policy to reject extensions which had hidden code and add closer monitoring of certain extensions. This move, cryptocurrency observers believe, will stop unauthorized mining of using Chrome browser extensions.

The National Cyber Security Center of the U.K also raised warning against cryptojacking in the country, expressing concerns that website owners will look to it as a new source of generating revenue. To generate revenue, site owners incorporate mining software CoinHive which mines Moreno [XMR] from using site visitors’ PCs. A study estimates that CoinHive mines over $250,000 worth of XMR every month.

Acceptable PC Cloud Mining

However, not all PC mining done using CoinHive is done illegally. The software is only being abused by black hat hackers. UNICEF, for instance, created a website “The Hope Page” which it uses to mine Moreno for its humanitarian activities using the CoinHive API.

Solomon Sunny is the market reporter for Smartereum, one of the global leaders in Ethereum, blockchain and currency news. He produces technical price updates on digital currencies and writes recent developments about blockchain.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.