An almost 400% increase in crypto mining malware targeting iOS devices and devices using the Safari browsers has been observed by Check Point’s research team while analyzing data to build their Global Threat Index for September 2018.
“Crypto-mining continues to be the dominant threat facing organizations globally. What is most interesting is the four-fold increase in attacks against iPhones, and against devices using the Safari browser during the last two weeks of September," according to Check Point's Maya Horowitz, Threat Intelligence Group Manager.
"These attacks against Apple devices are not using new functionality, so we are continuing to investigate the possible reasons behind this development," also said Horowitz.
Attackers use the Coinhive miner to surreptitiously mine for Monero coins because, unlike Bitcoin, the Monero blockchain comes with virtually untraceable transactions, a feature that makes it quite attractive to most cybercrooks.
Coinhive still occupies the first position it reached in Check Point's Global Threat Index in December 2017
Coinhive was released as an alternative to advertising for websites who wanted to offer their visitors another way of supporting their efforts.
Although Coinhive-based attacks are not designed to steal data from their targets or propagate and infect other victims, the fact that they will lock the device they attack and drain its battery makes it one of the most annoying and hard to counter of all security threats for users with not enough cybersecurity expertise.
"The reason behind the increase is not yet known, but serves to remind us that mobile devices are an often-overlooked element of an organization’s attack surface," also says Check Point's report. "It’s critical that mobile devices are protected with a comprehensive threat prevention solution, to stop them being the weak point in corporate security defenses."
At the moment, Coinhive-based cryptocurrency mining attacks impact around 19% of organizations around the globe with other crypto miners such as Cryptoloot, XMRig, and Jsecoin also present in Check Point's top 10 threat index.