CYBER NEWS

iOS Crypto Mining Detected, Redirecting Users to Coinhive Pages

New Kaspersky research indicates that the increasingly popular Roaming Mantis Group is testing a new monetization technique that involves redirecting iOS users to Coinhive in-browser mining pages. Prior activities of this hacking group included the exploitation of vulnerable routers and changing their DNS configuration.




This would allow attackers to redirect router traffic to malicious Android applications masquerading as Facebook or Chrome, or, in the case of Apple devices, to phishing pages deployed to harvest Apple ID credentials.

The Roaming Mantis Group with New Hacking Approaches

In its newest campaigns, the attackers seem to be redirecting iOS users to pages that are laden with the Coinhive in-browser mining script, instead of redirecting them to the regular Apple phishing page. Once redirected, users are shown a blank page while their CPU usage jumps to 90% or even higher.

“During our research, it became clear that Roaming Mantis has been rather active and has evolved quickly,” Kaspersky researchers said. Apparently, malware produced by the Roaming Mantis Group now supports 27 languages, covering multiple countries in Asia and beyond, including Europe and the Middle East. The latest updates in terms of malicious activities include web crypto-mining for PC, and Apple phishing pages for iOS devices.

“We have confirmed several new activities and changes to their illegal profit-gaining methods such as web crypto mining for iOS devices, spreading via malicious content delivery system and so on,” Kaspersky added.

The hacking group previously targeted iOS devices via an Apple phishing page designed to harvest credentials. However, the HTML source code of the malicious landing page now appears to have been changed.


Apparently, the hackers disabled redirection to the fake Apple portal (with a phishing page) and added code with a web mining script (previously used only for computers) to run mining on iOS devices, the researchers explained.

Interestingly, the day after Kaspersky confirmed their findings, the hackers switched back to Apple phishing again. “We believe that the criminals, at that time, were testing the possible revenue from web mining on iOS devices, looking for an efficient way to monetize their activities,” Kaspersky concluded.
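An added example, not taken from Kaspersky's report or this article: a defender-side triage of a captured landing page's HTML for the change described above, an in-browser Coinhive miner loaded on an otherwise blank page. The sample pages, the site-key placeholder and the function names are constructed for illustration; the loader filename and the `CoinHive.Anonymous` / `CoinHive.User` constructors are Coinhive's public API.

```python
import re
from html.parser import HTMLParser

# Coinhive's loader filename/domain and its miner constructors; extend for other miners.
MINER_SRC = re.compile(r"coinhive(\.min)?\.js|//(www\.)?coinhive\.com/", re.I)
MINER_NEW = re.compile(r"\bCoinHive\.(Anonymous|User)\s*\(")
MINER_START = re.compile(r"\.start\s*\(")

class _PageScan(HTMLParser):
    def __init__(self):
        super().__init__()
        self.script_srcs, self.inline, self.visible = [], [], []
        self._hidden = None  # name of the non-rendered element we are inside

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style", "title"):
            self._hidden = tag
            if tag == "script" and dict(attrs).get("src"):
                self.script_srcs.append(dict(attrs)["src"])

    def handle_endtag(self, tag):
        if tag == self._hidden:
            self._hidden = None

    def handle_data(self, data):
        if self._hidden == "script":
            self.inline.append(data)
        elif self._hidden is None and data.strip():
            self.visible.append(data.strip())

def triage_landing_page(html):
    """Return miner indicators for one captured HTML page."""
    scan = _PageScan()
    scan.feed(html)
    scan.close()
    code = "\n".join(scan.inline)
    loads = [s for s in scan.script_srcs if MINER_SRC.search(s)]
    created = bool(MINER_NEW.search(code))
    return {"miner_script": loads,
            "miner_started": created and bool(MINER_START.search(code)),
            "blank_page": not scan.visible,  # victims reportedly saw a blank page
            "verdict": "miner" if loads or created else "no-miner"}

# Constructed sample pages, not taken from the campaign.
SAMPLE_MINER = """<html><head><script src="https://example.invalid/coinhive.min.js"></script>
<script>var m = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER'); m.start();</script>
</head><body></body></html>"""
SAMPLE_PHISH = """<html><body><h1>Sign in</h1><form action="/login">
<input name="id"><input type="password" name="pw"></form></body></html>"""
```

The `blank_page` flag is supporting context only; the verdict rests on the script reference or constructor call, since obfuscated or renamed loaders would need additional patterns.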

Milena Dimitrova
