First iOS Trojan Stealing Users’ Biometric Data Detected
Group-IB, a company specializing in cybersecurity services, has discovered the first-ever Trojan virus targeting iOS users and stealing their biometric data. Remarkably, victims unintentionally deliver scans of their faces to the attackers, as the illegal app mimics a legitimate one.
GoldPixaxe Trojan Targets Thai iOS Users
The malicious program, named GoldPixaxe, has attacked iOS users in Thailand. The Trojan impersonates Thai government service apps and prompts users to photograph their ID cards and proceed with a face scan. A similar case was recorded in Vietnam. The stolen information can potentially be used for identity verification in banks and state institutions through Deep Fake image synthesis technology.
Trojan Also Available for Android
An Android-compatible version of GoldPixaxe also exists. However, this Trojan is not disseminated through official app stores or by exploiting operating system vulnerabilities. Instead, attackers deceive victims into downloading and installing the malicious app on their smartphones and grant it the necessary access permissions.
Suspected Origins of the Trojan
Group-IB suspects the GoldFactory, a Chinese hacker group, of creating the Trojan. GoldFactory has previously created counterfeit banking apps targeting Vietnamese users.