In a groundbreaking development, the realm of iPhone security has been shaken as the first-ever banking Trojan tailored for iOS devices has emerged. Originally known as the Android Trojan GoldDigger, it has now evolved into GoldPickaxe, equipped with advanced features designed to drain the bank accounts of iPhone users without authorisation.
Initially identified in October, this malicious software, capable of infecting both Android and iOS devices, specifically targets iPhone users. Once it infiltrates iPhones, GoldPickaxe harvests facial recognition data, identity documents, and intercepted text messages to streamline the pilfering of funds from various banking and financial applications. Alarmingly, the obtained biometric data is employed to generate AI deepfakes, enabling cybercriminals to impersonate victims and gain access to their bank accounts, TechRadar reported.
Currently, the GoldPickaxe Trojan is confined to targeting victims in Vietnam and Thailand. Nevertheless, the potential success of this campaign could prompt the expansion of operations to include iPhone and Android users in English-speaking countries such as the U.S. and Canada.
While infiltrating Android devices often involves malicious apps and phishing tactics, compromising iPhones proves more challenging due to Apple's closed ecosystem. Despite this, the hackers initially managed to exploit Apple's mobile application testing platform, TestFlight, to distribute the GoldPickaxe.IOS Trojan. After its removal from TestFlight, the hackers resorted to social engineering, convincing victims to install a Mobile Device Management (MDM) profile, which gives them complete control over the compromised iPhone.
Both GoldPickaxe versions are attributed to a single threat actor named GoldFactory, which is responsible for developing them. The cybersecurity firm Group-IB also uncovered a new variant named GoldDiggerPlus. This upgraded malware allows hackers to make real-time calls on infected devices, adding a concerning dimension
Read more on tech.hindustantimes.com