A new banking trojan named GoldPickaxe, derived from the Android trojan GoldDigger, has been identified with the ability to target both Android and iOS devices. GoldPickaxe, initially discovered in October 2022, can collect facial recognition data, identity documents, and text messages to facilitate unauthorized access to banking and financial apps.
The trojan uses the gathered biometric data to create AI deepfakes for impersonation and account access. While currently focused on victims in Vietnam and Thailand, if successful, the cybercriminals may expand their operations to target users in the U.S., Canada, and other English-speaking countries.
The trojan has employed tactics such as leveraging Apple's TestFlight and utilizing Mobile Device Management (MDM) profiles for distribution on iPhones. Apple is reportedly working on addressing this threat, but in the meantime, users are advised to avoid installing apps through TestFlight, decline adding MDM profiles unless requested by their employer, and consider security software for added protection.