Security researchers have uncovered a dangerous new iOS Trojan dubbed “GoldPickaxe” targeting users in the Asia-Pacific (APAC) region.
iOS Trojan identified by Group-IB Threat Intelligence malware analyst unit: An Analysis
The newly identified GoldPickaxe.iOS employs a notable distribution scheme. The threat actor utilized Apple’s mobile application testing platform, TestFlight, to distribute malware initially. Following the removal of its malicious app from TestFlight, the threat actor adopted a more sophisticated approach. They employed a multi-stage social engineering scheme to persuade victims to install a Mobile Device Management (MDM) profile. This allowed the threat actor to gain complete control over the victim’s device.
The whole threat cluster has been attributed by Group-IB to a single threat actor, codenamed GoldFactory that has developed a sophisticated suite of mobile banking malware.
Group-IB Blog added
Protect yourself from the GoldPickaxe iOS Trojan! This dangerous malware is designed to steal your personal information, including facial profiles, identification documents, and SMS messages from your mobile device. Cyber criminals can access your bank account and transfer unauthorized money if your phone is infected.
Here’s what you need to know:
Target: Developed by the Chinese cybercrime group “GoldFactory,” the Trojan primarily targets users in Thailand and Vietnam, but could potentially spread elsewhere.
Functionality: Steals sensitive data like face profiles, identification documents, and SMS messages from infected devices.
Goal: This stolen information allows attackers to gain access to victims’ bank accounts and make unauthorized money transfers.
Origin: Believed to have been operational since October 2023, both Android and iOS versions of the Trojan exist.
Distribution: Likely spread through phishing campaigns or malicious app downloads disguised as legitimate applications.
Risks:
- Financial loss: Stolen bank account information can lead to fraudulent transactions and significant financial losses.
- Identity theft: Stolen identification documents can be used for further criminal activities.
- Privacy breach: Personal data theft is a serious violation of privacy and can have lasting consequences.
Also See: Apple Stolen Device Protection: A Shield For Your iPhone in Unexpected Hands
How To Staying Safe from iOS Trojan:
- Be cautious: Only download apps from trusted sources like the official App Store.
- Beware of phishing: Don’t click on suspicious links or attachments in emails or messages.
- Enable two-factor authentication: Adds an extra layer of security to your bank accounts and other sensitive services.
- Keep software updated: Regularly update your iOS device and apps to patch security vulnerabilities.
- Security software: Consider using a reputable security app for additional protection.
- Remember: Stay vigilant and prioritize your online security to protect yourself from this and other emerging threats.
- Don’t take any chances. Ensure your phone is secure and protected from threats like malicious apps.
