Interpol Reduces Cryptojacking Infections by 78%

Interpol is celebrating after a region-wide operation led to a drastic reduction in the number of routers in southeast Asia infected with cryptomining malware.

Operation Goldfish Alpha began in June 2019 after intelligence identified over 20,000 compromised routers in the ASEAN region, accounting for nearly a fifth (18%) of global infections.

Over the succeeding five months of the operation, law enforcers and CERT staff from Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam worked together with private sector organizations including Trend Micro.

Their mission: to locate the infected routers, alert the victims and patch the devices.

Their work led to a 78% reduction in the number of infected routers, and efforts are continuing to identify and patch the remaining devices, Interpol said.

The policing organization hailed the support of the Cyber Defense Institute and Trend Micro in helping with information sharing and analysis, as well as providing crucial guidelines for patching infected routers and advice on preventing future infections.

“When faced with emerging cybercrimes like cryptojacking, the importance of strong partnerships between police and the cybersecurity industry cannot be overstated,” said Interpol’s director of cybercrime, Craig Jones.

“By combining the expertise and data on cyber-threats held by the private sector with the investigative capabilities of law enforcement, we can best protect our communities from all forms of cybercrime.”

Trend Micro explained in a blog post that its guidance document detailed how to detect and remove the Coinhive JavaScript being used by hackers to mine for cryptocurrency on affected MikroTik routers.

The firm claimed cryptojacking was its most detected threat in the first half of 2019, in terms of file-based threat components.

“Unlike serious data breaches, phishing attacks, ransomware and banking Trojans, cryptojacking doesn’t have a major impact on the victim. They don’t lose sensitive personal data, there’s no risk of follow-on identity fraud and they’re not extorted for funds by being locked out of their PC,” it continued.

“However, it’s not without consequences: cryptomining malware can slow your home network to a crawl while running up serious energy bills. It may even bring your home computers to a premature end. Also, there’s always the risk with any kind of malware infection that hackers may switch tactics and use their footprint on your home machines to launch other attacks in the future.”
