"In total, CTU researchers documented 51 compromised networks from 19 different Internet service providers (ISPs)," the Dell team wrote in a blog post on Thursday.
"The threat actor hijacked the mining pool, so many cryptocurrencies were impacted," the researchers write. "The protocols make it impossible to identify exactly which ones, but CTU researchers have mapped activity to certain addresses."
"Unlike network routing protocols that can automatically initiate a connection from one network, both ends of BGP-connected networks (also known as a 'peers') must be manually configured to communicate," the researchers write. "This requirement ensures malicious networks cannot hijack traffic without human intervention from a legitimate network."