Beware of the first-ever iOS Trojan! GoldPickaxe targets iPhones to breach bank accounts
First-ever iOS Trojan, GoldPickaxe, has been found and it targets Face ID data for bank theft purposes. Learn how cybercriminals breach iPhones, and essential tips to keep your device secure.
In a groundbreaking development, the realm of iPhone security has been shaken as the first-ever banking Trojan tailored for iOS devices has emerged. Originally known as the Android Trojan GoldDigger, it has now evolved into GoldPickaxe, equipped with advanced features designed to facilitate the unauthorised draining of bank accounts of users with iPhones.
Initially identified in October, this malicious software, capable of infecting both Android and iOS devices, specifically targets iPhone users. Once it infiltrates iPhones, GoldPickaxe harvests facial recognition data, identity documents, and intercepted text messages to streamline the pilfering of funds from various banking and financial applications. Alarmingly, the obtained biometric data is employed to generate AI deepfakes, enabling cybercriminals to impersonate victims and gain access to their bank accounts, TechRadar reported.
Currently, the GoldPickaxe Trojan is confined to targeting victims in Vietnam and Thailand. Nevertheless, the potential success of this campaign could prompt the expansion of operations to include iPhone and Android users in English-speaking countries such as the U.S. and Canada.
mobile to buy?
Unprecedented Method of Entry: From TestFlight to Mobile Device Management
While infiltrating Android devices often involves malicious apps and phishing tactics, compromising iPhones proves more challenging due to Apple's closed ecosystem. Despite this, cunning hackers managed to exploit Apple's mobile application testing platform, TestFlight, to distribute the GoldPickaxe.IOS Trojan initially. After removal from TestFlight, the hackers resorted to social engineering, convincing victims to install a Mobile Device Management (MDM) profile, providing complete control over the compromised iPhone.
Attributed to a single threat actor named GoldFactory, responsible for developing both GoldPickaxe versions, the cybersecurity firm Group-IB uncovered a new variant named GoldDiggerPlus. This upgraded malware allows hackers to make real-time calls on infected devices, adding a concerning dimension to the evolving threat.
Secure Your iPhone from Malware Threats
- Avoid TestFlight: Refrain from installing apps through TestFlight unless necessary, as this process can expose your device to potential threats.
- MDM Profiles: Only install Mobile Device Management profiles if explicitly requested by your employer for a company-issued iPhone.
- Malware Scanning: Though Apple restricts antivirus apps on iOS, solutions like Intego Mac Internet Security X9 or Intego Mac Premium Bundle X9 can scan iPhones when connected to a Mac via USB cable.
- Lockdown Mode: For those at higher risk, consider enabling Lockdown Mode, despite some limitations on app functionality.
- Stolen Device Protection: Activate Apple's Stolen Device Protection to secure your iPhone in case of theft.
While iPhone malware is now a reality, practising vigilant cyber hygiene and avoiding unnecessary risks will contribute to safeguarding your devices from potential hackers.
Also, read these top stories today:
Facebook faces $3.77 billion lawsuit! 45 million Facebook users were not properly compensated for the value of personal data they had to provide, says Legal academic. Some interesting details in this article. Check it out here. If you enjoyed reading this article, please forward it to your friends and family.
Bypassing Apple! Meta released new guidelines for small businesses that advertise on Facebook and Instagram, aiming to help them get around fees imposed by Apple Inc. Know how Meta will help users evade payment to Apple here. If you enjoyed reading this article, please forward it to your friends and family.
Deepfake danger! A bank uses biased AI outputs in a mortgage lending decision. An insurance firm's AI produces racially homogeneous advertising images. Users of an AI system complain about a bad experience. These are just a few of the potential risks AI poses for financial institutions. However, despite those risks, many potential uses for AI are there for financial firms. Read all about it here.
Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.