Report: Number of Compromised Routers in India Doubled, Reaching Almost 30,000

A recent report by security company Banbreach has found that in the past month, the number of routers compromised by cryptojacking software in India has doubled. The report indicates that hackers have cracked over 30,000 routers within the country, Hard Fork reported Oct. 5.

Banbreach managed to track Internet traffic and detect all devices on the Internet with public IP addresses, which made it possible to examine traffic passing through routers.

In the course of its research, Banbreach grouped populated areas of India into three categories from most to least dense. According to the report, 45 percent of the infected routers in India are in the least densely populated areas.

Tier 3 cities are the most affected, followed by tier 1. pic.twitter.com/2fCyR7fQqj

— Banbreach (@Banbreach) October 5, 2018

“For the top three cities with the most infected routers, the growth has been [500 percent],” Banbreach reported.

The number of compromised routers have doubled in the past month. For the top three cities with the most infected routers, the growth has been ~5x. pic.twitter.com/TuCxt0evnb

— Banbreach (@Banbreach) October 5, 2018

While CoinHive is not an inherently malicious code — charities have employed it and analogues like it — it has become popular among hackers for illicitly mining cryptocurrency on web surfers’ computers, or cryptojacking. Its code uses a part or all of the computing power of a browser to mine altcoin Monero (XMR).

Related research reportedly suggests that the total output of all machines “infected” with CoinHive generate over $250,000 in XMR every month.

Vipin Nathaw, a security enthusiast from Mumbai, tweeted that he “found the same thing in the router provided by [his] Internet service provider (ISP) a couple of days ago. Probably all the routers used by them are infected and outdated.”

Last month, Cointelegraph reported that Indian official government websites have become a prime target for cryptojacking, where more than 119 Indian websites run CoinHive code. Per the report, over 13,500 home routers in India were infected by cryptojacking malware — a figure that was only outflanked globally by Brazil.

A study conducted in June found that XMR has an “incredible monopoly” on the cryptocurrencies targeted by malware. $175 million of Monero — around 5 percent of all XMR in circulation at the time of the report — had been mined maliciously.

Unitize Conference Covers Ground, Mulls Blockchain Adoption and DeFi   July 10, 2020
Businesses Increasingly See Crypto Mining Attacks in Cloud Infrastructures   March 15, 2019
McAfee Labs: Crypto Mining Malware Grows by 86% in Q2, Over 2.5 Mln New Coin Miner Samples   Sept. 26, 2018
Monero Implements Hard Fork, Including New ASIC-Resistant Mining Algorithm   Dec. 2, 2019
Monero community concerned as leading mining pool nears 51% of ecosystem's total hash rate   Feb. 15, 2022