iPhone devices are at risk as a new iOS Trojan that targets facial recognition data

iPhone A cybersecurity firm has reported that devices are being targeted by a rare Trojan called Golddigger. The malware is part of a cluster of aggressive banking trojans affecting customers in the Asia Pacific (APAC) region. The previously spotted malware group was only affecting Android users, but now a new version has been discovered that specifically targets iOS and steals facial recognition data and other sensitive information from devices. This development is rare as Apple is known to be proactive in releasing security patches for its operating systems.

Cybersecurity firm Group-IB was behind it. discovery of the iOS Trojan. The group has been tracking it since October 2023, when it first found a new version of the Android malware and named it Golddigger. The malicious program was found to be a banking Trojan that steals financial information and targets banking apps, e-wallets, and crypto-wallets. It was first observed in Vietnam but was later identified as a cluster affecting the entire APAC region.

In its findings, the group noted that “a new advanced mobile Trojan specifically for iOS users, called GoldPickaxe.iOS by Group-IB,” has been discovered. The malware is capable of stealing facial recognition data, identification documents and can also intercept SMS.

gave Cyber ​​security The group also claimed that the malicious actors behind the GoldDigger malware likely leveraged face-altering AI tools to create deepfakes based on Face ID data. Then, using a combination of identity documents, SMS access, and Face ID data, the hacker behind the program can gain access to the victim’s iPhone and their banking apps. The threat actor then repeats bank transactions to steal the victim’s money. According to Group-IB, this method of financial theft was not seen before.

It was reported that the malware was first distributed through the TestFlight app, which lets developers beta test new features before rolling them out, however, this was quickly removed. apple. Now, it is being spread through a multi-level social engineering technique that involves tricking victims into installing a mobile device management (MDM) profile.

The Trojan is suspected to belong to an organized Chinese-speaking cybercrime group and is mainly affecting Vietnam and Thailand. It is likely to spread to other areas as well. The cybersecurity group said it has notified Apple about the Trojan, and the iPhone maker is likely already in the process of creating a fix.

---