400% increase in cryptomining malware attacks against iPhones

400% increase in cryptomining malware attacks against iPhones

It wouldn’t be wrong to state that Apple has become the apple of the eyes of cryptomining enthusiasts and cybercriminals. According to Check Point’s latest Global Threat Index, the company is being targeted more frequently in cryptomining malware attacks.

The report discloses some startling new facts about the sudden rise in cryptomining malware attacks against Apple devices. Nearly 400% rise in iPhone attacks has been recorded in only the last two weeks of September.


“Check Point’s researchers detected a near-400% increase in cryptomining malware attacks against iPhones. The surge was seen in the last two weeks of September, when attacks against users of the Safari browser also rose significantly,” the report revealed.

The inclusion of Safari browser raises concerns that this may not be an iPhone related phenomenon only and could very well be a mining script. The report also mentions Coinhive, which further intensifies these concerns.

See: Hackers are using YouTube Ads to Mine Monero Cryptocurrency

Check Point researchers claim to continue their investigation to identify the reasons behind the unexpected rise in attacks against iPhones. It was also mentioned in the report that cryptomining malware was a raging malware trend in the past month.

In this regard, it is important to note that Coinhive still ranks number one on the report, a position that it has occupied since Dec’17, with a cumulative impact of 19% on global organizations. Check Point noted that Coinhive attacks against PCs have also increased significantly. Cybercriminals are using the Coinhive mining malware for attacking iPhones, which is why there has been an increase in an attack against Safari browser users.

Trojan Dorkbot, an information-stealing Trojan, is at the second place with a 7% global impact. Third place is occupied by Coinhive rival Cryptoloot mining malware. It is the second most impactful cryptomining malware on the index. XMRig is not being used as frequently in cryptomining attacks lately, which is why it has moved down to number eight on the index.


See: Hackers using Googlebots in cryptomining malware attacks

Check Point’s threat intelligence group manager Maya Horowitz stated in a press release:

“Crypto-mining continues to be the dominant threat facing organizations globally. What is most interesting is the fourfold increase in attacks against iPhones and against devices using the Safari browser during the last two weeks of September. These attacks against Apple devices are not using the new functionality, so we are continuing to investigate the possible reasons behind this development.”

These attacks definitely serve as a reminder to all that mobile devices are quite vulnerable to attack but are often ignored by organizations as probable attack surface. It is therefore imperative that mobile devices are comprehensively protected with a reliable threat prevention solution.

Related Posts