An Interpol-coordinated operation in Southeast Asia against a new form of cybercrime known as cryptojacking has led to a significant reduction in the number of infected devices throughout the region.

Cryptojacking is the unauthorized use of victims ' computing power to mine cryptocurrency for cybercriminals. During cryptojacking, victims unwittingly install a program with malicious scripts that allow cybercriminals to gain access to their computer or other devices connected to the Internet. This is often the result of victims clicking on malicious links or visiting infected websites. Programs called "coin miners" are then used by cybercriminals to mine cryptocurrency.
Routers targeted at

Based on data from the police and cybersecurity partners, Interpol has identified a global crypto-hacking campaign, which was facilitated by the exploitation of a vulnerability in MikroTik routers. The intelligence was developed and disseminated through cyberattack reports to the affected member countries.

Recognizing cryptojacking as a growing threat in the ASEAN Region (Association of Southeast Asian Nations), the ASEAN Cyber Capabilities Division of INTERPOL launched Operation Goldfish Alpha in June 2019. At that time, intelligence revealed more than 20,000 hacked routers in the region, accounting for 18 percent of infections worldwide. With the support of the Interpol Cyber Fund project, an operational meeting was held in June 2019 to coordinate the response measures.

During the five-month operation, cybercrime investigators and experts from the police and National Computer Emergency Response Teams (CERT) in 10 ASEAN countries (Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam) worked together to find infected routers, warn victims and fix devices so that they are no longer under the control of cybercriminals. The INTERPOL Office in ASEAN facilitated the exchange of information and follow-up between the countries concerned.

When the operation ended at the end of November, the number of infected devices decreased by 78 percent. Efforts are continuing to remove infections from the remaining devices.
Private sector support

Private sector partners, including the Cyber Defense Institute and Trend Micro, supported the operation by exchanging information and analyzing cases of hacking of cryptographic devices, as well as providing participating countries with guidelines for fixing infected routers and recommendations for preventing future infections. The National Cyber Security Center of Myanmar has also released a set of good recommendations on cyber hygiene to protect against cryptojacking.

Operation Goldfish Alpha is aimed at crypto-hacking in the ASEAN region.

” When we face new cybercrimes, such as cryptojacking, the importance of a close partnership between the police and the cybersecurity industry cannot be overemphasized, " said Craig Jones, Director of Cybercrime at Interpol.

"By combining the expertise and data on cyber threats available to the private sector with the investigative capabilities of law enforcement agencies, we will be able to best protect our communities from all forms of cybercrime,” concluded Mr. Jones.

As a type of crime that is not yet widely known to law enforcement agencies around the world, Operation Goldfish Alpha also helped to raise awareness about cryptojacking, how to identify it and how to mitigate the threat.