A report from the online company Group-IB pointed out that hackers have planted banking Trojan attacks on iPhone users, which can penetrate the iOS system.
This Trojan is called goldpickaxe; Notably, once iPhone and Android users are infected with GoldPickaxe, the Trojan automatically collects facial recognition data, identity documents, and intercepted text messages, making it easier to steal funds from banks and other financial applications.
goldpickaxe.iOS is the first iOS Trojan observed by Group-IB, and it combines the following features:
Collect victim's biometric (facial) data, identity documents, intercept text messages, and traffic through the victim's device**. Due to more restrictions and the closed nature of iOS, the Android version of the virus - GoldpickaxeAndroid is more threatening than the iOS version.
GoldPickaxe does not steal money directly from the victim's phone. But it can collect all the necessary information from the victim to create a deepfake** and automatically access the victim's banking app.
Over the course of the study, Group-IB determined that the Trojan explicitly has the ability to prompt victims to scan their faces and submit their IDs**. Cybercriminals can use this method to gain unauthorized access to the victim's bank account, a new fraud technique that Group-IB researchers have never discovered before.
It is understood that at present, this goldpickaxe Trojan virus will not affect domestic users, mainly targeting the Asia-Pacific region, especially Thailand and Vietnam; However, it does not mean that the scope of the attack will not be expanded in the future; After all, iOS systems are known for their security. In the future, it may be against the United States, Europe and the United States and other regions. Moreover, there is no new iOS system that can protect against the Goldpickaxe virus, throwing it in an active state.
Group-IB has reported the Trojan virus to Apple, so it should be in the process of being quickly fixed. You should also be cautious about installing unidentified software, especially third-party pop-up trust, so as to avoid similar Trojan attacks.
We are the shark leak inspection machine, your professional mobile phone assistant! For more Apple information and iPhone interesting tutorials, please ***