New Revised Banking Trojan

A formerly Android-focused trojan has now been modified to attack Apple’s iOS devices. Surfaced in a news report by Group-IB, this new trojan, named GoldDigger, has been modified to drain victims’ bank accounts. Because the trojan was first programmed explicitly for Android attacks, the remodeled trojan is capable of attacking both Android devices and iPhones. Once installed on a victim’s device, GoldDigger can collect facial recognition data, identity documents and intercepted text messages, all with the goal of making it easier to siphon funds from banking and financial apps. In addition, data collected by the trojan can be used to create AI deepfakes that impersonate victims, which ultimately leads to access to the victim’s bank account.

Originally, hackers exploited Apple’s mobile application testing platform, TestFlight, to distribute the GoldPickaxe.IOS trojan. Normally it is very difficult to get a malicious app onto Apple’s App Store. However, abusing TestFlight makes it possible. Apple soon removed the malicious app spreading the trojan from TestFlight. Hackers then started to use social engineering to gain access to people’s phones through MDM (Mobile Device Management). By impersonating businesses that provide MDM as a service, hackers can gain full control over victims’ phones.

While the trojan is currently only being used in Vietnam and Thailand, if it is deemed successful, the hackers behind it can start to transition to iPhones in America or Canada (English-speaking countries) as targets. Given the efficiency of GoldDigger and GoldPickaxe and how both can attack Android and iOS phones, this will most likely not be the last time this malware surfaces.

