In a startling development, the first-ever iOS banking trojan has surfaced, posing a threat to iPhone users worldwide. Initially identified as an Android trojan called GoldDigger, this newly adapted malware, now named GoldPickaxe, is equipped to target both Android and iOS devices.

Once installed, GoldPickaxe gains access to sensitive data such as facial recognition information, identity documents, and intercepted text messages. This data is exploited to manipulate banking and financial apps, facilitating the unauthorized transfer of funds. Moreover, the trojan utilizes biometric data to create AI deepfakes, allowing cybercriminals to impersonate victims and gain illicit access to their accounts.
While the operation is currently limited to targeting victims in Vietnam and Thailand, there is concern that it could successfully expand to English-speaking countries. Despite the stringent security measures in Apple’s ecosystem, hackers have devised methods to distribute the trojan, including leveraging Apple’s TestFlight platform and employing social engineering tactics to install Mobile Device Management (MDM) profiles.
The threat actor behind the trojan, identified as GoldFactory, continues to develop variants of malware, including GoldDiggerPlus, which now enables real-time calls on infected devices. As the prevalence of banking trojans poses significant risks to both iPhone and Android users, vigilance and preventive measures are crucial.
To safeguard against malware infections, users are advised to refrain from installing apps through TestFlight and to avoid adding MDM profiles unless explicitly instructed by their employers. Additionally, using reputable antivirus software such as Intego Mac Internet Security X9 or Intego Mac Premium Bundle X9 can provide an added layer of protection against malware threats.
While iPhone malware is a newfound reality, adhering to cybersecurity best practices and exercising caution can mitigate risks and ensure the safety of personal devices. Stay informed and stay protected with The Vox 24 for the latest updates on cybersecurity threats and preventive measures.