Crypto-Mining Malware Tops Charts, Targets Apps
For organizations that were hoping to see a decline in malware threats, there is no sign that crypto-mining malware will be going away anytime soon. In fact, crypto-mining malware continues to dominate among hackers while also sneaking its way into more mobile apps.
“May 2018 marked the fifth consecutive month where crypto-mining malware dominated Check Point’s Top Ten Most Wanted Malware Index. Coinhive retained the top spot as the most prevalent malware as another crypto-mining malware, Cryptoloot, ranked second with a global reach of 11%,” Check Point wrote.
Cyber-crooks around the world are reportedly leveraging unpatched server vulnerabilities in Microsoft Windows Server and Oracle Web Logic in order to mine crypto-currency. The research also found that despite these patches being available for at least six months, organizations continue to be vulnerable.
While the instances of crypto-mining malware infection has increased by a reported 4,000% in Q1, according to News BTC, the problem is also spreading through mobile apps. Apple recently released new guidelines to thwart the spread of crypto-mining apps.
On 4 June Apple updated its app store review guidelines to include guidelines that would secure its products from malicious mining practices. The company mandated to developers, “Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources. Apps, including any third party advertisements displayed within them, may not run unrelated background processes, such as cryptocurrency mining.”
Additionally, Apple clarified that apps may not mine for cryptocurrencies unless the processing is performed off device – in cloud-based mining, for example.
Still, Amazon is fighting to extinguish the infections spreading through Fire TV and its stick devices. A variant of a malware worm has reared its crypto-mining head in Amazon Fire TVs and Fire TV Sticks. “The worm is not specifically targeting Fire TV devices, but they are vulnerable because of their Android-based operating system,” said AFTVnews.
The Android malware known as ADB.Miner has spawned a new version that started spreading earlier this year, reportedly disguising itself as an app called “Test” with the package name “com.google.time.timer.” After infecting Android devices, it not only begins mining for crypto but also spreads itself to like devices on the same network.
Source: Information Security Magazine