Cryptojacked routers reduce by 78% in SE Asia following Operation Goldfish Alpha

With so much bad news surrounding the subject of IoT security it’s a relief occasionally to be able share news of some positive developments occasionally.

This week, INTERPOL announced that a campaign it co-ordinated in Southeast Asia had dramatically reduced the number of infected devices across the region.

Operation Goldfish Alpha was a six-month effort to secure hacked devices across Southeast Asia, launched after the discovery in the region of 20,000 MicroTik routers that had been exploited via an operating system vulnerability to mine for cryptocurrency without the consent or knowledge of their owners.

Operation Goldfish Alpha (no, we don’t know why they called it that either…) saw law enforcement agencies, the private sector, and security experts team up across Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam to share information.

Their common aim? To locate the routers infected with cryptomining script, alert their owners, and patch the compromised devices so they were no longer under the control of criminals.

This week INTERPOL announced that the initiative had successfully reduced the number of infected devices by 78%. Efforts to clean-up the remaining infected devices continue.

“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated,” said INTERPOL’s Director of Cybercrime, Craig Jones. “By combining the expertise and data on cyberthreats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”

And although cryptojacking may not be the cause of the most dramatic security headlines when compared, say, to data breaches, ransomware attacks, and embarrassing hacks, they do still pose a threat to users by slowing down networks and gobbling up resources.

The 20,000 infected MicroTik routers in Southeast Asia are thought to amount to nearly a fifth (18%) of global infections, so based on Operation Goldfish Alpha’s success in the region there’s likely to be much that could be replicated elsewhere around the world.

As ever, computer users are advised to keep abreast of IoT security issues, and share the word of the importance of securing all of their internet-connected devices with the latest vulnerability patches and strong, unique passwords.

Add Comment

Your email address will not be published. Required fields are marked *