A new iOS trojan, named GoldPickaxe, has been discovered. It is designed to steal facial recognition data from users, to gain unauthorized access to their bank accounts.
The malware creates deepfakes using the stolen biometric data to impersonate victims and access their financial apps.
It has been reported that the trojan disguises itself and tricks users into providing their ID card photos and undergoing facial scans.
The malware does not exploit any iOS vulnerabilities but instead tricks victims into installing the malicious app and granting all the necessary configurations, including powerful device permissions via Apple’s TestFlight or Mobile Device Management profile system.
To protect against such threats, users are advised to avoid clicking on suspicious links, use official app stores to download applications, review the permissions of all apps, avoid adding unknown contacts, and verify the legitimacy of bank communications.
Stay up to date: Click here for more news and videos
Discover more from Your Assignment Editor
Subscribe to get the latest posts sent to your email.
