First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts

The security landscape for iPhone users is shifting as the first banking trojan targeting iOS devices, named GoldPickaxe, has emerged. Initially identified as GoldDigger for Android, the trojan has evolved to also affect iPhones, collecting sensitive data like facial recognition and identity documents to facilitate fraudulent bank transactions. Cybercriminals have exploited Apple’s TestFlight platform and Mobile Device Management (MDM) profiles to distribute the malware, which currently targets users in Vietnam and Thailand but could potentially spread globally.

Security experts from Group-IB have traced the development of GoldPickaxe to a single entity known as GoldFactory and have also discovered a new variant, GoldDiggerPlus, which allows real-time calls to victims on infected devices. To protect against such threats, iPhone users are advised to avoid installing apps through TestFlight, refrain from adding MDM profiles unless required by their employer, and consider using Intego’s antivirus software for Mac to scan connected iOS devices. Additionally, enabling Lockdown Mode and Apple’s Stolen Device Protection can further secure iPhones against malware and theft. Despite the new risks, practicing good cyber hygiene remains a key defense for users.
Read more at Tom’s Guide…