One of the many reasons why people choose iPhones over Android devices is security and that they are supposedly impenetrable by viruses. Well, that could be changing as there’s a trojan spotted for the first time that targets iOS devices.

As per cybersecurity company Group-IB, a trojan called GoldDigger that’s been attacking Android phones has been modified to steal bank accounts from affected users. This new variation is called GoldPickaxe, which has a version meant for iOS devices.

Related

Once it penetrates an Android device or iPhone, it will collect facial recognition data, text messages, and identity documents, which will allow attackers to access banking accounts and steal funds.

What’s worse, the stolen facial identification is utilized to create AI deepfakes to impersonate the victims and gain access to their banking accounts.

The said trojan is currently only victimizing users in Thailand and Vietnam, but may reach broader users once it’s proven successful.

Hackers usually implant trojans on Android phones via malicious apps. However, they can’t use a similar technique on iPhones due to how closed off Apple’s ecosystem is.

The creators of GoldPickaxe managed to overcome that using TestFlight, Apple’s mobile application testing platform; and by tricking users into installing a Mobile Device Management (MDM) profile, which is a system used by industries to manage company phones and other devices. Once installed, the attacker will have full access to the iOS device.

Like on most trojans, for Android or iOS, the easiest way to be safe is to not download apps or click links from sketchy sources.

Source: Tom’s Guide

Leave a comment

Your email address will not be published. Required fields are marked *