Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

415,000 routers worldwide reportedly infected with cryptojacking malware

Add as a preferred source on Google
online Bitcoin courses
Image used with permission by copyright holder

A new report suggests that more than 415,000 routers globally could be affected by a malware that allows hackers to steal the computing power of connected PCs to mine for cryptocurrency in a scheme known as cryptojacking. The number of affected routers has more than doubled since the malware was initially discovered in August. At the time, it was reported that around 200,000 routers were affected.

Even though the malware threat is expanding, it only affects users who use MikroTik routers. “It is worth pointing out that the number of breached devices might be slightly off, since the data reflects IP addresses known to have been infected with cryptojacking scripts,” The Next Web reported. “Still, the total amount of compromised routers is still pretty high.”

Recommended Videos

Most of the initially compromised routers were concentrated in Brazil, but as the infection threat expanded, we’re seeing that routers in North America, South America, Africa, Europe, the Middle East, and Asia have also been affected since August, according to a new threat detection map. MikroTik routers are largely sold to internet service providers and organizations, and the surge in router infections shows that not many organizations had installed the latest router firmware.

By exploiting a security flaw in older versions of the router’s firmware, the attacker was able to inject Coinhive script onto every web page that a user visits. “MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface,” the National Vulnerability Database said of the flaw behind MiktroTik’s firmware. Though Coinhive was initially conceived as legitimate software to allow websites to temporarily borrow a visitor’s hardware to mine for Monero, abuse of the script has led many antivirus software to block Coinhive.

However, the good news is that a patch was made ready within a day of discovery to rid affected routers of the cryptojacking malware. Security experts recommend that users of MikroTik routers download the latest firmware from the company’s website to stay ahead of the malware.

Although the cryptocurrency bubble has burst, leading to an excess of graphics cards that were stockpiled during the height of the crypto boom, cryptojacking remains a serious security threat. In a separate incident last month, Nova Scotia’s St. Francis Xavier University in Canada was forced to shut down its entire network after consultation with cybersecurity experts after it was discovered that a hacker had hacked the university’s system to steal computing resources to mine for Bitcoin.

Fortunately for cryptojacking attacks, personal information on or transmitted across the network is generally not compromised, unlike the Russian-linked Wi-Fi malware story from earlier this year. With cryptojacking, the attackers are mainly interested in the computing power that’s connected to the Wi-Fi network to mine for cryptocurrency.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Canva Code 2.0 just made vibe coding way less intimidating for everyone
Canva Code 2.0 feature

Coding used to be reserved for developers who spent years learning complex languages. That has slowly changed with vibe coding, which lets you build apps and websites using simple, plain-language prompts. 

The problem is that most of these tools still feel intimidating for regular folks, as they still need to understand the code to make any meaningful changes. If not, everything you make tends to look the same.

Read more
Windows users can finally pick when updates stop with Microsoft’s latest patch
From pausing updates on your own schedule to rolling back a broken PC in one click, here's everything new in Windows 11's July 2026 update.
Windows 11 Laptop

Patch Tuesday updates are usually a shrug-and-install affair, but Microsoft's July 2026 release actually gives you something to be excited about.

You can grab this update, tagged KB5101650, right now through Settings, or manually via the Microsoft Update Catalog if you'd rather not wait for it to roll out.

Read more
Can AI audiobooks narrate better than humans? This study says many listeners think so
New study finds listeners favor AI narrated audiobooks over traditional human narration in blind testing.
Audiobooks on Spotify on an iPhone.

You might assume most listeners would pick a real human voice over a synthetic one, but a new study says otherwise. Edison Research at SSRS surveyed 1,005 fiction audiobook fans in May 2026 for a study commissioned by AI audio company Spoken. The twist is that listeners rated the AI narration higher, and they did not even know it was AI until after they heard it (via Variety).

Why listeners favored the AI narration

Read more