Many people choose iPhones instead of Android phones because they think iPhones are more secure. But that might not be the case anymore because there is a new banking trojan out there that is specifically made to attack iPhone users.
As per a detailed report by the cybersecurity company Group-IB (via Tom’s Guide), the Android trojan GoldDigger has now been effectively adapted to target iPhone and iPad users. The company asserts that this might be the first trojan crafted for iOS, posing a significant threat by gathering facial recognition data, ID documents, and even SMS.
Found for the first time last October, the trojan now has a new version called GoldPickaxe, tailor-made for both Android and iOS devices. When it gets into an iPhone or Android phone, GoldPickaxe can gather facial recognition data, ID documents, and intercepted text messages, all aimed at making it simpler to grab funds from banking and other financial apps. To add to the trouble, this biometric data is used to craft AI deepfakes, allowing attackers to impersonate victims and get into their bank accounts.
It is important to mention that right now, the GoldPickaxe trojan is focusing on victims in Vietnam and Thailand. Yet, as seen in other malware schemes, if this one hits the jackpot, the cybercriminals running it might broaden their reach to target both iPhone and Android users in the US, Europe, and the rest of the world.
Android banking trojans are usually spread through dodgy apps and phishing schemes. Getting a trojan onto an iPhone is trickier because Apple's ecosystem is more closed off compared to Google's. However, as hackers tend to do, they've figured out a way.
Initially, the trojan was spread through Apple’s TestFlight, a platform allowing developers to release beta app versions without the App Store’s review process. But after Apple took it down from TestFlight, the hackers switched to a more advanced method involving a Mobile Device Management (MDM) profile, typically used for managing enterprise devices.
Diagram outlining how GoldPickaxe.iOS infects iOS devices (Image Credit–Group-IB)
As per Group-IB, a lone threat actor known as GoldFactory is behind the creation of both versions of the GoldPickaxe banking trojan. Yet, following their initial research, the security researchers at the firm stumbled upon a new variant called GoldDiggerPlus. The "Plus" here means the malware now lets hackers make real-time calls to their victims on an infected device.
Recommended Stories
Given how profitable a banking trojan like GoldDigger or GoldPickaxe can be — especially when it can target iPhones as well as Android phones — this likely isn’t the last we will hear about this malware or the hackers behind it.
As of now, even the most recent versions of iOS and iPadOS appear to be susceptible to this trojan. Group-IB has notified Apple about the issue, so it's likely that the company is already in the process of developing a fix.
How to keep your iPhone safe?
To safeguard your iPhone from malware, it is crucial to follow some simple steps:
Stick to trusted app sources: Avoid installing apps from sources you don’t trust.
Avoid TestFlight: Don’t install apps through TestFlight, as this platform isn't vetted like the App Store.
Keep your device updated: Install all the latest software updates released by Apple.
Practice good cyber hygiene: Be cautious and avoid unnecessary risks while using your device.
By following these steps, you can help protect yourself and your iPhone from hackers and malware threats.
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
Tsveta, a passionate technology enthusiast and accomplished playwright, combines her love for mobile technologies and writing to explore and reveal the transformative power of tech. From being an early follower of PhoneArena to relying exclusively on her smartphone for photography, she embraces the immense capabilities of compact devices in our daily lives. With a Journalism degree and an explorative spirit, Tsveta not only provides expert insights into the world of gadgets and smartphones but also shares a unique perspective shaped by her diverse interests in travel, culture, and visual storytelling.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: