More than 2 million MikroTik routers appear to be internet-connected. Of those, more than 420,000 appear to have been exploited and infected with malicious cryptocurrency-mining scripts. In April, Latvian manufacturer Mikrotik rapidly patched a zero-day flaw, designated CVE-2018-14847. The flaw gives attackers complete access to a vulnerable router, giving them access to Winbox – a simple GUI administration utility for MicroTik’s RouterOS – as well as Webfig.”]
Source: https://www.databreachtoday.com/cryptojackers-keep-hacking-unpatched-mikrotik-routers-a-11627