On January 8, a press release highlighted the collaboration between Interpol and Trend Micro towards the reduction of cryptojacking affecting MikroTik routers across South-East Asia. Despite the reduction in the number of affected devices by 78% through the collaboration, it is not likely that it has remarkably impacted mining hashrate.

Cryptojacking involves infecting typical devices with crypto mining malware, thereby using the resources of the victim to mine cryptocurrency. The collaboration between Trend Micro and IGlobal Complex for Innovation of Interpol was towards the sanitizing of MikroTik routers infected with mining malware.

“Operation Goldfish Alpha” involved the development of a “Cryptojacking Mitigation and Prevention” guidance document by Trend Micro. The document provided details concerning the way a vulnerability affecting a typical brand of home and enterprise routers infected numerous devices in the ASEAN region. It also mentioned the potential method of detecting and eliminating the malware using Trend Micro software.

After defining the document in June 2019, experts helped with the identification and restoration of more than 20,000 affected routers. The effort helped reduce the number of infected devices in the region by 78 percent.

MikroTik routers featuring RouterOS were infected. A report by Trend Micro says the resources of the affected devices were used to mine Monero (XMR). XMR is one of the coins that can be judiciously mined using typical CPUs. Certain typical ARM processors generally found in smartphones can mine XMR at an average rate of 300 hashes per second, as estimated by the Monero community.

The CryptoCompare calculator says the estimated sum of money generated by the attackers at the moment is $13k every month, based on the network hashrate figures on January 9 and the number of affected devices. Nevertheless, the estimated number of affected devices worldwide since 2018 was 200k. The estimate was given prior to introducing RandomX. Prior to the upgrade, hashrates for ARM processors were about 10 hashes every second, which is quite low.

A variety of hard forks have taken place but it is not clear whether it is possible to update the mining software through them.

Featured Image Courtesy of Shutterstock