Interpol’s Successful Operation Leads to Drastic Reduction in Cryptomining Malware in Southeast Asia
Interpol is celebrating a major win after a region-wide operation, known as Goldfish Alpha, resulted in a significant decrease in the number of routers infected with cryptomining malware in southeast Asia.
The operation, which kicked off in June 2019, was launched in response to intelligence reports that identified over 20,000 compromised routers in the ASEAN region, making up nearly 18% of global infections.
Over the course of five months, law enforcement agencies and CERT staff from ten countries including Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam, collaborated with private sector organizations like Trend Micro to locate the infected routers, notify the victims, and patch the devices.
Thanks to their collective efforts, there was a remarkable 78% reduction in the number of infected routers. The operation is still ongoing to identify and patch the remaining devices, according to Interpol.
Interpol commended the support from the Cyber Defense Institute and Trend Micro for their assistance in information sharing and analysis, as well as providing essential guidelines for patching infected routers and advice on preventing future infections.
Craig Jones, Interpol’s director of cybercrime, emphasized the importance of strong partnerships between law enforcement and the cybersecurity industry in combating emerging cybercrimes like cryptojacking.
Trend Micro, in a blog post, detailed their guidance on detecting and removing the Coinhive JavaScript used by hackers to mine for cryptocurrency on affected MicroTik routers. The company revealed that cryptojacking was the most detected threat in the first half of 2019 in terms of file-based threat components.
While cryptojacking may not have the same immediate impact as other cyber threats like data breaches or ransomware, it can still cause significant issues such as slowing down home networks and increasing energy bills. There is also the risk that hackers could use the infected machines for future attacks.
As Interpol continues to work on eliminating cryptomining malware in southeast Asia, the collaboration between law enforcement agencies and cybersecurity firms remains crucial in safeguarding communities from cyber threats.