Last year, in October 2023, a new Trojan exploiting accessibility services arrived on Android, Golddigger. The Trojan has evolved to steal data from over 50 mobile apps, mainly focusing on cryptocurrency wallets, Vietnamese banking, investment apps, etc. Today, the Trojan has transformed into GoldPickaxe and is looking for a new target: infect your iPhone at all costs.
And currently the extent of its danger is not known, only that it is in an “active phase of evolution” and that, according to the Threat Intelligence unit, it is part of the “group of aggressive banking Trojans which are actively targeting the Asia-Pacific (APAC) region. » In any case, we remind you how to know if you have a virus on your iPhone and what practices and measures to take.
GoldPickaxe, the Trojan horse arriving on iOS
Group-IB’s Threat Intelligence unit, responsible for discovering the Trojan horse GoldPickaxe.iOSprovides the following additional data:
- The Trojan collects identity documents, SMS messages and facial recognition data.
- The GoldPickaxe family is available for iOS and Android platforms. The set of sophisticated Trojans developed by GoldFactory has been active since mid-2023.
- GoldFactory is considered a well-organized Chinese cybercrime group closely linked to Gigabud.
- Social engineering is the primary method used to deliver malware to victims’ devices across the GoldFactory Trojan family.
- GoldPickaxe.iOS is distributed via Apple’s TestFlight or by social engineering victims to install an MDM profile.
This has nothing to do with WhatsApp scams, phishing, or various bizarre messages that seek to deceive you and impersonate your bank. This is a tool capable of sneaking into your iPhone and spying on your transactions, stealing your banking information and obtaining all your profile data, in order to misappropriate said information.
So, while waiting to learn more about the scope and danger of this Trojan horse called GoldPickaxe, We recommend that you do not install applications that are dangerous or come from unknown sources, not even through TestFlight, unless you know the application you are going to install perfectly. Beware of any non-legitimate sources and SMS messages you receive in iMessage, as well as any unrecorded calls or messages arriving on your WhatsApp from unknown senders in order to obtain personal information.
Of course, keep your iPhone updated to the latest version as long as it’s compatible, in this case iOS 17.5, despite the fact that the GoldPickaxe Trojan for iOS is neither mentioned nor fixed in this version. As we gather more information, we will update this article.
In Applesfera | How many years of updates does my iPhone have left? So we can know
In Applesfera | iPhone anti-theft mode: how to activate the new Apple feature available since iOS 17.3
