In March, routers from Latvian manufacturer MikroTik were hit by an advanced threat dubbed Operation Slingshot. The company patched for the threat, but now a new cryptomining attack appears to be spreading rapidly. The attack has now hit more than 200,000 routers, according to researchers at Trustwave. The threat actor then shifted strategies to only inject the miner through router-based error pages. Fortunately, those same global users have a meaningful response possible for the attack.”]
Source: https://www.darkreading.com/attacks-breaches/cryptojacker-campaign-hits-mikrotik-routers