Major Face ID Security Issue on iPhones Can Potentially Lead to Financial Loss for Users
Android users have been worried about malware threats for years, and now iPhone users have similar concerns that can steal personal information and even their money. The iOS Trojan malware is said to be designed to gain access to devices and be able to read messages and other confidential items.
Group IB’s Threat Intelligence Unit has identified a Trojan called GoldPickaxe.iOS, and the threat has been attributed to a Chinese-language threat actor codenamed GoldFactory. The biggest red flag about this Trojan and threat actor is that the attacks come from deep AI spoofing, which means tricking Apple’s Face ID technology to impersonate the owner of the device.
The main objective of the Trojan is to steal money and the biggest alarm for the Group IB team is that the Trojan has been there since June 2023 and is still there causing problems.
The agency notes that GoldFactory targets iPhone users in the Asia-Pacific region, where bad actors operate under the guise of Thai and Vietnamese banks and even government organizations. It’s certainly worried about the Trojan spreading to target people in other parts of the world, which could be devastating and difficult to contain.
The biggest challenge for Group IB is that hackers are able to penetrate Apple’s closed security protocols and bypass all layers to not only penetrate the device, but also steal data without warning the user.
And before the Trojan becomes a global concern, it is recommended that mobile users should not install apps from links or messages shared by unknown contacts. Likewise, it is recommended not to install apps from TestFlight, Apple’s app testing platform.
iPhone users tend to be more in control of their device’s security, so these major Trojan attacks should be easy to avoid.