Interpol cooperated with a cybersecurity company to reduce the phenomenon of cryptographic intrusions

By Selena 01/12/20 8:13 AM

Interpol has officially partnered with Trend Micro, a cybersecurity company, to minimize the phenomenon of cryptographic intrusions affecting MikroTik routers in Southeast Asia, according to a press release on January 8. This cooperation has reduced by 78% following a five-month police operation led by Interpol.

Interpol cooperates with the cybersecurity company to fight cryptojacking

Cryptojacking is the unauthorized use of an individual or organization’s computer to secretly mine for cryptocurrency. In particular, an attacker infected popular devices with cryptographic malware using the victim’s resources to extract cryptographic currency. Therefore, when Trend Micro Cybersecurity partnered with Interpol Global Complex for Innovation to clean up malware-infected MikroTik routers, it was extremely commendable.

As part of the ‘Goldfish Alpha Operation,’ Trend Micro developed the ‘Cryptojacking Mitigation and Prevention’ guide (Mitigation and Prevention of Cryptographic Intrusion). In particular, guidelines detail the common brand vulnerability of home and business routers that have led to thousands of devices being infected across the ASEAN region. The guidelines also suggest how victims can use Trend Micro software to detect and remove malware.

In the five months since the document was developed in June 2019, experts from the national computer incident response teams and police have helped identify and restore over 20,000 infected routers, reducing 78% of devices that are affected in the area.

The vulnerability was observed in all MikroTik routers that have their RouterOS operating system. These routers contain a range of ARM-based processors, ranging from 600 megahertz single-core processors to 72 gigahertz cores.

Craig Jones, director of cybercrime at Interpol, said:

“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated. By combining the expertise and data on cyber threats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”

Craig Jones, Interpol’s director of cybercrime, introduced Operation Goldfish Alpha in June 2019

Trend Micro reports that the attackers extracted Monero (XMR) from broken devices. Moreover, Monero is one of the only coins that can be reasonably extracted using conventional processors. Especially after Monero upgraded RandomX, continuing to shift focus to CPU.

While hash let figures have changed a lot depending on the type of ARM processor, the indexes provided by the Monero community allow an average of 300 hashes per second for some typical ARM processors commonly found on smartphones.