Apple Faces Surge in Crypto-Mining Attacks
Apple Targeted by Crypto-Mining Attacks
Apple has recently come under fire for a significant increase in crypto-mining attacks, with iPhone attacks skyrocketing by nearly 400% over the last two weeks of September. According to Check Point, a leading cybersecurity firm, these attacks have been on the rise, prompting concern among Apple users.
Global Threat Index Report
In their latest Global Threat Index, Check Point researchers highlighted the surge in crypto-mining attacks, attributing the spike to the prevalence of malware such as Coinhive and Cryptoloot. Coinhive, the top-ranked malware since December 2017, continues to impact 19% of global organizations, while Dorkbot, an information-stealing Trojan, holds a 7% global impact.
The report also pointed out a significant increase in Coinhive attacks targeting PCs, as well as a rise in attacks against users of the Safari browser, the primary browser on Apple devices. This aligns with the surge in crypto-mining attacks on iPhones, signaling a troubling trend for Apple users.
Cryptoloot Rises in Threat Index
Cryptoloot, a rival to Coinhive, secured the third spot on the Threat Index, emerging as the second-most prevalent crypto-miner in the ranking. Setting itself apart from Coinhive, Cryptoloot requests a smaller revenue percentage from websites, making it an attractive option for attackers.
Protecting Against Mobile Threats
Maya Horowitz, threat intelligence group manager at Check Point, emphasized the need for comprehensive threat prevention solutions to safeguard mobile devices from crypto-mining attacks. The sudden surge in attacks against Apple devices serves as a reminder of the importance of securing all elements of an organization’s attack surface.
Horowitz stated, “Mobile devices are often overlooked in corporate security defenses, making them vulnerable targets for cyber threats. It is crucial for organizations to prioritize mobile security and implement robust defense mechanisms to mitigate the risk of crypto-mining attacks.”
Top Exploited Vulnerability
Meanwhile, Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) retained its position as the most exploited vulnerability for the seventh consecutive month, impacting 48% of organizations globally. This highlights the ongoing challenge of addressing vulnerabilities and strengthening cybersecurity measures to combat evolving threats.