The GoldDigger Trojan targets iOS users to steal facial recognition and bank account data.

Apple constantly updates its operating systems with patches for security flaws, which hackers often use to attack users in various ways. This time, however, the cybersecurity company Group-IB has reported the existence of a new Trojan, “GoldDigger,” which targets iOS users to steal their bank account data.

The GoldDigger Trojan can steal sensitive data from iOS users

According to a detailed report by Group-IB (via Tom's Guide), GoldDigger was first created for Android, but has now been successfully ported to attack iPhone and iPad users. The company claims that this is potentially the first Trojan created for iOS, and it could be quite dangerous as it collects facial recognition data, identity documents and even SMS messages.

With all this data, hackers use artificial intelligence tools to create deepfakes and gain access to victims’ bank accounts. By the time victims realize what happened, it may already be too late.

The Trojan was initially distributed through Apple TestFlight, which allows developers to release beta versions of their apps without going through the App Store review process. However, after Apple removed it from TestFlight, hackers took a more sophisticated approach based on a mobile device management (MDM) profile, which is primarily used to manage corporate devices.

These profiles allow companies to configure and control many aspects of the system to suit their needs. But hackers convince users to install a malicious profile in order to download the app from outside the App Store. Once this happens, the attackers are able to collect all the data they need.

According to the report, GoldDigger is mainly targeting people in Vietnam and Thailand. However, it can also be used to attack users in other parts of the world. Group-IB claims that the Trojan is in an “active stage of development.”

So what's next?

At least for now, it seems that even the latest versions of iOS and iPadOS are still vulnerable to this Trojan. Group-IB says it has informed Apple about the Trojan, so it is likely that the company is already working on a fix. For now, the best thing you can do to avoid these types of attacks is to not install applications from sources you don't trust.

More information about the GoldDigger Trojan can be found here.
