February 16, 2024

The GoldDigger Trojan targets iOS users to steal bank accounts

Len Houle February 16, 2024

Apple constantly updates its operating systems with security patches, because hackers often exploit these systems to attack users in many different ways. This time, however, cybersecurity firm Group-IB has reported a new Trojan, “GoldDigger,” that targets iOS users to steal their bank accounts.

GoldDigger trojan can steal sensitive data from iOS users

According to a detailed report by Group-IB (via Tom's Guide), GoldDigger was first created for Android, but has now been successfully ported to attack iPhone and iPad users. The company claims that this is likely the first Trojan created for iOS, and it can be extremely dangerous as it collects facial recognition data, identity documents, and even SMS messages.

With all this data, hackers use AI-based tools to create deepfakes and gain access to victims' bank accounts. By the time victims realize what has happened, it may be too late.

Initially, the Trojan was distributed through Apple's TestFlight, which allows developers to release beta versions of their apps without going through the App Store review process. However, after Apple removed it from TestFlight, hackers adopted a more sophisticated approach based on a Mobile Device Management (MDM) profile, which is primarily used to manage enterprise devices.

These profiles allow companies to customize and control many aspects of the system according to their needs. But what hackers do is convince users to install the malicious profile in order to download an app from outside the App Store. When this happens, they can collect all the data they need.
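A profile can be inspected before anyone installs it. The following Python sketch is an added example, not code from Group-IB or the original article: it parses a configuration profile (`.mobileconfig`) and reports payloads that enroll the device in MDM or install a trusted root certificate. The function names and the sample profile are constructed for illustration, and locating the XML plist inside a signed profile by searching for its markers is a heuristic assumption.

```python
import plistlib

# Apple payload types that hand control of the device or its trust store
# to whoever issued the profile.
RISKY_TYPES = {
    "com.apple.mdm": "enrolls the device in remote management",
    "com.apple.security.root": "installs a trusted root certificate",
}

def load_profile(raw: bytes) -> dict:
    """Parse a .mobileconfig file.

    Signed profiles wrap the XML plist in a CMS envelope, so the plist is
    located by its start and end markers (heuristic, see lead-in).
    """
    start, end = raw.find(b"<?xml"), raw.rfind(b"</plist>")
    if start == -1 or end == -1:
        raise ValueError("no XML plist found in profile")
    return plistlib.loads(raw[start:end + len(b"</plist>")])

def triage(raw: bytes) -> list[str]:
    """Return one finding per risky payload in the profile."""
    findings = []
    for payload in load_profile(raw).get("PayloadContent", []):
        ptype = payload.get("PayloadType", "")
        if ptype not in RISKY_TYPES:
            continue
        detail = RISKY_TYPES[ptype]
        if ptype == "com.apple.mdm":
            # The management server is the party that gains control.
            detail += f" at {payload.get('ServerURL', '<no ServerURL>')}"
        findings.append(f"{ptype}: {detail}")
    return findings

# Constructed sample profile; the server URL is a placeholder.
SAMPLE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadDisplayName": "Constructed sample profile",
    "PayloadContent": [
        {"PayloadType": "com.apple.wifi.managed", "SSID_STR": "office"},
        {"PayloadType": "com.apple.mdm",
         "ServerURL": "https://mdm.example.invalid/server"},
    ],
})

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Any finding for `com.apple.mdm` on a personal device, where no employer or school manages the phone, is a reason not to install the profile.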

According to the report, GoldDigger mainly targets people in Vietnam and Thailand. However, it can also be used to attack users in other parts of the world. Group-IB claims that the Trojan is in an “active stage of development.”

So what's next?

At least for now, it seems that even the latest versions of iOS and iPadOS are still vulnerable to this virus. Group-IB says it has notified Apple about the Trojan, so the company is likely already working on a fix. Right now, the best thing you can do to avoid such attacks is not to install apps from sources you don't trust.

You can find more details about the GoldDigger Trojan here.


