Collaboration Between Interpol, Trend Micro Tackles Crypto Mining Malware

  • In 2019 Trend Micro created a document which detailed how routers in Asia were being affected by crypto mining malware.
  • Interpol then started an operation and was able to identify the infected routers.
Interpol headquarters in Lyon, France

Interpol headquarters in Lyon, France. Inside Arabia

Cybersecurity firm Trend Micro has collaborated with the international crime fighting agency Interpol in fighting cryptocurrency mining malware afflicting computer routers across Asia, the company said in a blog post on 8 January.

According to the announcement, Interpol’s Global Complex for Innovation (IGCI) in Singapore has spent five months tackling the epidemic of the Coinhive cryptojacker, which was installed on MicroTik routers thanks to a vulnerability. The malicious malware was used by cybercriminals, who utilized their victim’s resources to mine cryptocurrency.

Trend Micro was able to create a “Cryptojacking Mitigation and Prevention” guidance document in June 2019, which explained how a vulnerability in home and enterprise routers led to thousands of devices being infected in the region. Furthermore, the document also detailed how victims could use the Trend Micro software to detect and remove the malware.

Following the release of the document “Operation Goldfish Alpha” began, which saw Interpol interact with experts from national Computer Emergency Response Teams (CERT’s), as well as with police from 10 nations across Asia, to identify and help victims of infected routers.

The press release further states that over 20,000 routers were identified as affected, but through the combined effort were later restored, reducing the number of infected devices in the region by 78 percent. The Cyber Defense Institute also provided assistance with the operation, with Craig Jones, the Director of Cybercrime for Interpol, saying:

“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated. By combining the expertise and data on cyberthreats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”

All Mikro Tik routers that used its proprietary RouterOS have been affected by this vulnerability, with Trend Micro reporting that the attackers used the affected devices to mine Monero (XMR).

Related Coverage
Interpol Enters the Metaverse
  • Interpol’s metaverse was designed to streamline communication between agencies around the world, and provide online education and training courses to new recruits.
  • The move was made to prepare Interpol for the rising popularity of the technology, which will inevitably increase the number of crimes being committed on the metaverse.
October 21, 2022, 12:39 PM


Interpol Reportedly Issued “Red Notice” for Terra’s Do Kwon
  • Bloomberg cited a text message from South Korean prosecutors, who claimed Interpol has requested law enforcement agencies worldwide “locate and provisionally arrest” Do Kwon.
  • The co-founder of Terraform Labs had previously claimed he was not “on the run”, but his location remains unknown after authorities confirmed he was not in Singapore.
Cyber Criminals Targeting Gamers With Monero Mining Malware
  • The “Crackonosh” malware was found hidden in cracked versions of popular games such as NBA 2K19, GTA V, and Far Cry 5.
  • Active since 2018, the malware has drained over $2 million in XMR from users and affected around 220,000 computers.