Washington, DC - In the interest of keeping things light on a Friday, let’s turn our attention to a fascinating story that was first reported on by ZDNet’s Catalin Cimpanu: a Russian-speaking grey-hat hacker has been breaking into people’s MikroTik routers and patching them so they won’t be exploited by crypto-miners and other kind of digital ne’er-do-wells.
On a Russian blog site, the Russian-speaking Grey Hat, Alexey, boasted that he had already patched over 100,000 MikroTik routers.
“I added firewall rules that blocked access to the router from outside the local network,” Alexey wrote. “In the comments, I wrote information about the vulnerability and left the address of the @router_os Telegram channel, where it was possible for them to ask questions.”
Unfortunately, the response has been tepid at best. About 50 people have contacted Alexey, a few to say thank you but most of them were angry at the invasion.
There’s a little bit to unpack here about Hacker hats, the MikroTik vulnerability and the ethics of this kind of activity.