Apple might want to get all of the attention to its latest iPhones, but it appears this surge in popularity is also translating into more malware attacks. In the last two weeks of September, cryptomining attacks against iPhones went up by nearly 400% according to security researchers at Check Point.
The attacks were detected against Safari users on iPhone where attackers used the Coinhive mining malware. It isn't immediately clear what has caused this sudden spike in attacks against iPhones.
Cryptomining malware remains the dominant threat
Cryptomining attacks were at their peak last year after an unprecedented surge in the value of Bitcoin and other cryptocurrencies. While the values of these coins may have stabilized, it appears the mining malware still remains popular among cybercriminals. It has been reported time and again that mobile devices aren't the perfect products to mine on but that hasn't stopped criminals from targeting smartphones.
Coinhive mining malware continues to hold the top position, which it has hoarded since December 2017, followed by a remote code execution trojan dubbed Dorkbot in second place and CryptoLoot, a Coinhive competitor that demands a lower percentage of revenue from websites, in the third.
"Coinhive now impacts 19% of organizations worldwide, and once again crypto miners dominated the threat index," security researchers wrote. "Meanwhile, Dorkbot - the trojan that steals sensitive information and launches denial-of-service attacks, remained in second place with a global impact of 7%."
The latest increase in iPhone cryptomining attacks raises questions
"Crypto-mining continues to be the dominant threat facing organizations across the world," Maya Horowitz, threat intelligence group manager at Check Point, said in a press release. “What is most interesting is the fourfold increase in attacks against iPhones and against devices using the Safari browser during the last two weeks of September. These attacks against Apple devices are not using new functionality, so we are continuing to investigate the possible reasons behind this development.”
She added that attacks against mobile devices are "an often-overlooked element of an organization’s attack surface," even though they are potentially the most easily targeted. "It’s critical that mobile devices are protected with a comprehensive threat prevention solution to stop them being the weak point in corporate security defenses."
- More details available over at CP's latest Global Threat Index.
