Banbreach was able to successfully monitor Internet traffic and identify all devices connected to the Internet with public IP addresses. This enabled the firm to examine traffic passing through routers.
While performing the research, Banbreach segregated areas of India into three distinct categories according to population density. The report states that 45% of the exploited routers in India are located in the least densely populated regions.
Hackers usually deploy CoinHive, which is inherently not a malicious code. Several firms, including charities, and individuals run the software with their machines legitimately. Ironically, it is popular among hackers for mining cryptos without authorization to use other peoples system that are connected to the net.
Tier 3 cities are the most affected, followed by tier 1. pic.twitter.com/2fCyR7fQqj
— Banbreach (@Banbreach) October 5, 2018
The software is installed by various deceptive practices to illicitly mining cryptocurrency on computers of internet users. The process is also called cryptojacking. The program uses a portion or all of the computing power of a system to mine Monero (XMR).
A study conducted on the profitability of such hacked mining activities has pegged the money generated to be over $250,000 in XMR every month.
Vipin Nathaw, a cybersecurity enthusiast based out of Mumbai, has tweeted as follows:
“found the same thing in the router provided by [his] Internet service provider (ISP) a couple of days ago. Probably all the routers used by them are infected and outdated.”
Last month, it was reported that several websites of Indian government organizations have been exploited by hackers. A rough estimate puts the number of government websites cryptojacked to run CoinHive to be 119. According to the report, more than 13,500 home routers in India were infected by crypto malware, a figure that was only surpassed globally by Brazil.
Furthermore, a research report published June indicates that XMR has an “incredible monopoly” on the cryptojacking industry. Approximately $175 million of Monero, or roughly 5% of all XMR in circulation is believed to have been mined maliciously when the report was prepared.