Thousands of MikroTik Routers Compromised by Mining Code: A Deep Dive into MikroTik Router Mining Exploit

Pretending to Work Seriously

[Hot Search] Thousands of MikroTik Routers Infected with Mining Code

The security lab report states that 7,500 MikroTik routers have been embedded with mining code and redirect user traffic to IP addresses specified by the attacker. The hacker tool Chimay Red involves using two MikroTik exploits, including Winbox Arbitrary Directory File Read (CVE-2018-14847) and Webfig Remote Code Execution vulnerability. Researchers used honeypots to discover that malware is exploiting the MikroTik CVE-2018-14847 vulnerability to inject CoinHive mining code, enable Socks4 proxy, and monitor network traffic through the routers.

[Hot Search] Severe Wireshark Vulnerability Disclosed

According to reports, the Wireshark team has patched numerous critical vulnerabilities that could be exploited to force system crashes and Denial of Service (DoS). In the analysis report, CVE-2018-16056, CVE-2018-16057, and CVE-2018-16058 could significantly disrupt running versions, allowing unauthenticated remote attackers to send crafted packets into the network, leading to component crashes. The Wireshark team acknowledged these security vulnerabilities and has released software updates addressing the issues.

[Vulnerability] Wi-Fi Weakness in Chrome

Recently, researchers found vulnerabilities in Google Chrome and Opera browsers that make Wi-Fi susceptible to attacks. Browsers based on the Chrome kernel can save router management page credentials in Wi-Fi and re-enter them automatically for user convenience. However, most home routers do not use encrypted communication for background management, allowing researchers to exploit this credential auto-login to steal router login credentials and use them to capture Wi-Fi passwords (PSK). This vulnerability affects any Chromium kernel-based browser.

[Vulnerability] Android API Breaking Flaw Exposed

Recently, security experts from Nightwatch Cybersecurity discovered a vulnerability in the Android system that allows network attackers to secretly capture Wi-Fi broadcast data to track users. This data includes Wi-Fi network names, BSSID, local IP address, DNS server data, and MAC addresses. Once a device is infected by malicious apps, it enters a state of surveillance by hackers, intercepting the broadcast information from other apps.

Let Loose and Enjoy

[Gourmet] Shepherd’s Mansion Hot Pot

Location: 2nd floor, Xinman Building, 212 Hualin Road. This is a popular Black Pearl restaurant in Shanghai, known for its unique charm and cultural heritage. Shepherd’s Mansion Hot Pot specializes in Hong Kong-style hot pot, featuring exquisite and fresh seafood and top-grade beef. Recommended: [Signature Matsutake Clear Soup Base] and [Premium Fish Gelatin Chicken Soup Base] of high nutritional value. [Canadian Black Mussels] are fresh, white, tender, and delicious. [Antique Claypot Rice] is made from premium cured meats and sausages, with an intoxicating aroma that leaves a lingering taste. Rating: Four stars.

 

[Travel] Vacation Approaching, Popular Tourist Route Prices Surge by 50%

With the approach of Mid-Autumn and National Day, vacation travel products have once again entered a peak booking period, with prices of popular travel routes departing from Fuzhou generally increasing by 50%. Domestically, Hainan, Yunnan, Beijing, Gansu, and Sichuan are the five most popular travel destinations, with product quotes rising by 30%-80%. Outbound tourism product prices have mostly increased by more than 50%. According to airline sources, National Day holiday airfare pre-prices are expected to rise by approximately 15% compared to usual.

[Movie News] ‘Mission: Impossible 6’ Box Office Surpasses 588 Million in 4 Days

Hollywood’s action-adventure blockbuster and classic spy series’ new installment ‘Mission: Impossible 6’ is currently on a hot release, igniting a nationwide craze for secret agents. The film surpassed 100 million at the box office within 15 hours of release, capturing 300 million in two days, and has currently reached a cumulative box office of 588 million. Tom Cruise leads the charge, breaking historical records for August box office revenue. Millions of viewers have been captivated by the high-energy and dazzling stunt scenes and intricate plot twists. There are still many behind-the-scenes secrets of the film waiting to be explored by fans!

[Games] ‘NBA 2K19’ Released Today

Recently, the official NBA 2K19 Twitter account released a brief live-action commercial featuring LeBron James to hype up the upcoming special event. On September 7, players who pre-order can unlock the game, while other players will unlock it on September 12. ‘NBA 2K19’ is a basketball sports game developed by 2K, officially released on September 12, available on Xbox One/PS4/PC/Switch platforms, and the mainland China PS4 version also supports Chinese commentary by Yang Yi, Su Qun, and Yang Jian.

[Sports] NBA—’Magician’ Boris Diaw Announces Retirement

On September 7, Beijing time, Boris Diaw, known as the ‘French Magician’, announced his retirement via social media today. On his personal Twitter, Diaw released a documentary with friends Tony Parker and Ronny Turiaf. Currently 36 years old, Diaw was the 21st overall pick in the first round of the 2003 draft, playing 14 years in the NBA with teams including the Hawks, Suns, Bobcats, Spurs, and Jazz, totaling 1,064 regular-season games, 563 as a starter, with an average of 27.0 minutes, contributing 8.6 points, 4.4 rebounds, and 3.5 assists.