New wave of crypto-mining attacks on iPhones raises eyebrows

15 Oct 2018

Image: © Rawpixel.com/Stock.adobe.com

New research from Check Point shows cyber-criminals are increasingly targeting iPhones in crypto-mining attacks.

While it never quite took off among consumers, Google Plus is now dead in the water as far as individual users are concerned. The social network is being wound down following the discovery of a bug that left data exposed to third-party developers.

Meanwhile, Microsoft made major waves in the development community as it announced it was to join the Open Invention Network. The company has notoriously kept its thousands of patents close to its chest, so the change of heart has pleased many.

Also in the US, new research from Columbia University shows just how consumer genomics databases could be used to identify almost anyone in the future.

iPhones becoming popular crypto-mining targets

Check Point has released its Global Threat Index for September 2018, revealing an almost 400pc increase in crypto-mining malware attacks against Apple iPhones using the Coinhive mining malware.

Coinhive now impacts nearly a fifth of organisations worldwide. The malware retained the top spot, followed by a remote code execution worm dubbed ‘Dorkbot’ in second place and Coinhive competitor CryptoLoot.

Maya Horowitz, threat intelligence group manager at Check Point, commented: “What is most interesting is the fourfold increase in attacks against iPhones, and against devices using the Safari browser during the last two weeks of September.

“These attacks against Apple devices are not using new functionality, so we are continuing to investigate the possible reasons behind this development.”

Pentagon suffers data breach

The US Pentagon says that Department of Defense travel records have been breached, which may have compromised the credit card data and other personal information of its workers.

A US official spoke with AP on condition of anonymity and said that as many as 30,000 staff could be affected. Another official said that the breach was down to an unnamed third-party contractor that managed the data.

While the attack was flagged on 4 October, a source said the initial incident could have happened several months ago.

Google encrypting Android Cloud backups

Google has announced a new feature to help secure user data while maintaining the privacy of individuals. The company lets Android users automatically back up their essential app information and settings to their Google account.

This allows them to restore it when required, such as when a user gets a new device. Until now, all of this backup data was visible to Google, but the company is changing its storage procedure.

Starting with Android Pie, an Android device will generate a secret key unknown to Google. This key will be encrypted using your lock screen PIN/password/passcode. The encrypted data will then be sent to a Titan security chip on Google servers.

More than half of Irish cybersecurity attacks may go undetected

A new survey of 258 firms from Magnet Networks found that the average industry figure for attacks is at 43pc, but just 20pc of businesses surveyed say they have suffered a cyberattack in the last two years. Worryingly, 34pc of all organisations do not have any form of cybersecurity policy in place.

“A new generation of cyber threats has meant that Irish businesses are constantly under attack and they may not realise it,” said cybersecurity expert James Canty of Magnet Networks.

“The average time it takes a business to identify a cyber breach is 191 days, and in many cases a company may not know they have been affected until their data is sold on the dark web.”

Bitcoin still languishing after 2017 peak

Late 2017 was a heady time for bitcoin investors as the cryptocurrency reached record highs, but new research from Juniper found that the coin has failed to recover. This is despite the weakness of a number of leading fiat currencies and ongoing trade tensions between the likes of China and the US.

It found that daily transaction volumes had also fallen from an average of around 360,000 per day in late 2017 to just 230,000 in September 2018.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com