Highlights
- GoldPickaxe malware targets both iOS and Android devices as of February 2024.
- Malware can steal biometric data and intercept text messages and online activities.
- Users are advised to install apps only from trusted sources and update software regularly.
- Primary targets have been users in Vietnam and Thailand.
An Android malware called GoldDigger was discovered last year and it had the power to hack the victim’s bank account and steal his biometric data.
The above-mentioned threat has evolved and now, under the name of GoldPickaxe malware, is targeting not only iOS but also Android devices as of February 2024.
Even though Apple has released software updates that contain security enhancements, no special attention has been paid to GoldPickaxe; thus, the user needs to be vigilant against this malware.
Protecting Against the First iPhone Trojan
GoldPickaxe is dubbed the first iOS malware ever, and it was found by security firm Group-IB.
Installed on an iPhone, the spyware can intercept text messages and online activities, gather biometric information from users, and more.
Malicious parties, disguising themselves as bank officials, might contact the victims and request private information such as pictures of their ID cards.
To protect against this threat, it is crucial to follow these precautions:
- You would not want to install iPhone apps via Apple’s TestFlight beta testing system, unless you totally trust the developer and can confirm the legitimacy of the app.
- Install applications strictly from the App Store. Also, make certain the developer is genuine.
- If you do need to install an iPhone MDM (Mobile Device Management) profile, ensure that it originates from a reliable source, like your IT administrator at work, a reputable organization, or a developer.
- Use caution while utilizing parental control apps from third parties that are integrated with MDM policies.
- If someone calls you up via phone, video chat, or other correspondence, do not give them any private or sensitive information, such as pictures of you or your ID cards.
- Do not click on links or call numbers that unsolicited sources give out; instead, log in directly through the bank or institution website if you have concerns about a financial account.
- Update your iPhone with the latest Apple software, which includes the Rapid Security Response.
While the GoldPickaxe trojan has primarily targeted users in Vietnam and Thailand by mimicking financial institution apps, the threat is actively evolving.
Therefore, remaining vigilant and following best security practices is crucial to protect your devices and personal information.
FAQs
What is GoldPickaxe malware?
GoldPickaxe is an evolved version of the GoldDigger malware, capable of hacking bank accounts and stealing biometric data. It targets both iOS and Android devices.
How does GoldPickaxe malware affect iOS devices?
On iOS devices, GoldPickaxe can intercept text messages, track online activities, and gather biometric information from users.
What precautions can users take against GoldPickaxe malware?
Users should install apps only from trusted sources, avoid sharing personal information with unknown contacts, and keep their devices updated with the latest software.
Has Apple addressed the GoldPickaxe malware threat?
While Apple has released security updates, there has been no specific fix for GoldPickaxe. Users must remain vigilant and follow best security practices.
Which regions are primarily targeted by GoldPickaxe malware?
GoldPickaxe has primarily targeted users in Vietnam and Thailand, often by mimicking financial institution apps.
Also Read: Kaspersky Report Highlights Over 600 Million Malware Downloads from Google Play Store
Also Read: Supreme Court Tech Committee Finds Malware, Pegasus Spyware Suspected
Also Read: SpyNote Malware Targets Android Users By Recording Your Calls, Taking Screenshots