Collaboration Between Interpol, Trend Micro Tackles Crypto Mining Malware

  • In 2019 Trend Micro created a document which detailed how routers in Asia were being affected by crypto mining malware.
  • Interpol then started an operation and was able to identify the infected routers.

Interpol headquarters in Lyon, France. Inside Arabia

Cybersecurity firm Trend Micro has collaborated with the international crime fighting agency Interpol in fighting cryptocurrency mining malware afflicting computer routers across Asia, the company said in a blog post on 8 January.

According to the announcement, Interpol’s Global Complex for Innovation (IGCI) in Singapore has spent five months tackling the epidemic of the Coinhive cryptojacker, which was installed on MikroTik routers thanks to a vulnerability. The malware was used by cybercriminals, who utilized their victims’ resources to mine cryptocurrency.

Trend Micro created a “Cryptojacking Mitigation and Prevention” guidance document in June 2019, which explained how a vulnerability in home and enterprise routers led to thousands of devices being infected in the region. The document also detailed how victims could use the Trend Micro software to detect and remove the malware.

Following the release of the document, “Operation Goldfish Alpha” began, which saw Interpol interact with experts from national Computer Emergency Response Teams (CERTs), as well as with police from 10 nations across Asia, to identify and help victims of infected routers.

The press release further states that over 20,000 routers were identified as affected, but through the combined effort were later restored, reducing the number of infected devices in the region by 78 percent. The Cyber Defense Institute also provided assistance with the operation, with Craig Jones, the Director of Cybercrime for Interpol, saying:

“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated. By combining the expertise and data on cyberthreats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”

All MikroTik routers that used the company’s proprietary RouterOS have been affected by this vulnerability, with Trend Micro reporting that the attackers used the affected devices to mine Monero (XMR).
