Crypto-mining malware attacks against iPhones went up 400% in the last two weeks of September, security firm Check Point notes in a new report.
Crypto-mining attacks have intensified over the past couple of years, fueled by a massive surge in the price of crypto-currencies. Threats range from botnets to fileless malware and malicious programs that abuse NSA-linked exploits for propagation. Industrial systems are frequently hit as well.
While most of these attacks target Android, iPhone users weren’t spared either, as Check Point reveals. Amid a four-fold increase in crypto-mining malware assaults on iPhones, attacks on Safari users also intensified, the security firm reveals.
The attacks used the Coinhive mining malware, which emerged as the leading threat in December 2017 and has remained the top malware ever since. At the moment, Coinhive impacts 19% of organizations worldwide.
“Crypto-mining continues to be the dominant threat facing organizations across the world. The attacks on Apple devices are not using any new functionalities. The reason behind the increase is not yet known, but serves to remind us that mobile devices are an often-overlooked element of an organization’s attack surface,” Check Point says.
Other malware families present on the list are Dorkbot, a worm that supports remote code execution, the Andromeda bot, Roughted malvertising campaign, Ramnit banking Trojan, Conficker worm, and the Emotet Trojan.
The top 3 most exploited vulnerabilities in September, were in Microsoft IIS WebDAV, OpenSSL, and PHPMyAdmin.
“CVE-2017-7269 is the most popular exploited vulnerability for the 7th consecutive with global impact of 48% of organizations. In second place [is] CVE-2016-6309 with a global impact of 43%, closely followed by Web servers PHPMyAdmin Misconfiguration Code Injection impacting 42% of organizations,” Check Point notes.
Related: Crypto-Miners Slip Into Google Play
Source: infosec island