loading…
GoldDigger Android malware has now been modified with new capabilities that allow criminals to drain iPhone users' bank accounts. (Photo: Toms Guide)
JAKARTA – The iPhone has a reputation as the safest smartphone in the world. However, recently malware was discovered in the iOS operating system which can steal Face ID data to break into user accounts.
According to a report from Group-IB, GoldDigger Android malware has now been modified with new capabilities that allow criminals to drain iPhone users' bank accounts. The malware was discovered in October 2023.
The researchers named this modified Android GoldDigger malware with the nickname GoldPickaxe. It is said to be able to collect facial recognition data, identity documents and text messages to break into accounts and other financial applications.
Even worse, this biometric data can then be used to create deepfake AI to impersonate the victim and access bank accounts at any time, as compiled from Tom's Guide, Friday (16/2/2024).
Group-IB revealed that the GoldPickaxe malware was first distributed by utilizing the Apple TestFlight application testing platform. This worked at first, but it didn't last long because it was detected.
Criminals then found a more sophisticated way, namely through social engineering, to persuade their victims to install a Mobile Device Management (MDM) profile. If the victim is deceived, then the criminal will have complete control over the iPhone.
Currently GoldPickaxe is targeting iPhone users in Vietnam and Thailand. If this malware proves successful, it is not impossible that it will also spread to other countries throughout the world, including Indonesia.
To avoid this malware never install any applications via TestFlight. Don't be fooled by the MDM fraud method that criminals are currently intensively campaigning for.
(msf)