[LACNIC/Seguridad] Postmortem of a Compromised MikroTik Router

Lucimara Desiderá lucimara en cert.br
Jue Ago 16 16:30:58 BRT 2018

"Postmortem of a Compromised MikroTik Router
An examination of a router infected in a large-scale coin-mining campaign.

Cryptocurrency coinminers are the new ransomware and malicious actors 
have already pounced on the opportunity to make their fortune. Symantec 
has been tracking a large-scale coin-mining campaign which, as per 
Shodan, has currently infected about 157,000 MikroTik routers.

Researchers discovered this coin-mining campaign in early August 2018. 
The campaign was initially concentrated in Brazil; however, it soon 
began infecting routers around the world. I decided to take a closer 
look at one of these infected routers to get a better understanding at 
what’s going on."

Artigo completo em:



Lucimara Desiderá

Más información sobre la lista de distribución Seguridad