A massive hacking campaign has been uncovered, compromising tens of thousands of MikroTik routers to embed Coinhive cryptomining scripts in websites using a known vulnerability. The campaign is mainly targeting Brazil but infections are growing internationally, according to Trustwave s Secure Web Gateway team, indicating much larger ambitions. The attacks demonstrate the dangers of neglecting to patch the vulnerability in the routers, which was patched on April 23rd. A Shodan search shows at least 70,000 affected routers in Brazil alone.
Source: https://threatpost.com/huge-cryptomining-attack-on-isp-grade-routers-spreads-globally/134667/