About 1 month ago, over 200,000 Mikrotik router devices were hacked by cybercriminals who successfully infected the hardware and network with crypto-mining malware. Fast forward 1 month later and security researchers at Qihoo 360 Netlab have cracked the case open after learning that 7,500 of the 200,000 router devices had the ability to actively eavesdrop on victims since mid-July.
Researchers found that technology that is designed for Windows users to easily configure the routers that download specific files was the vulnerability in the products used to hijack the network and directly affect the users of the product.
According to the Hacker News, the hackers successfully eavesdropped on victims since the MikroTik RouterOS devices allow users to capture packets on the router and forward them to the specified Stream server, attackers are forwarding the traffic from compromised routers to IP addresses controlled by them. With victims of this attack spread across the world, mostly concentrated in Russia, Mikrotik sent a message to those affected to use the updated patch to protect their networks from further vulnerabilities.
It’s not apparent if the hackers were targeting any victims specifically, but as a business, it immediately puts the confidential data in jeopardy of getting stolen, lost, or damaged. Evolve MGA offers cyber insurance that covers policyholders in this type of event. Get appointed with our cyber insurance specialists for a FREE Quote!
If you’d like to read more about how Mikrotik router devices got hijacked by cyber criminals, click here.