Security experts from Group-IB reported the emergence of a new dangerous GoldDigger Trojan called GoldPickaxe.iOS for iOS.
It was originally created for Android, but now it has been ported to the Apple operating system. The virus collects data from individuals, identification documents and even SMS. All this information can be used to gain access to the victim’s bank cards.
The Trojan was initially distributed through the TestFlight service, which allows developers to release beta versions of their applications without going through the App Store review process. However, after Apple removed it from TestFlight, the hackers decided to use a more method – through a mobile device management (MDM) profile, which is mainly used to manage corporate devices.
These profiles allow a company to customize and control all aspects of the system to suit its needs. But hackers convince users to set up a competitive profile in order to download the app from outside the App Store. Once users do this, hackers will be able to collect all the necessary data.
It is noted that unusual victims were people from Vietnam and Thailand. However, the Trojan can also be used in other countries.
Group-IB said that it had already informed Apple about the problems. We are waiting for the vulnerabilities to be closed. [9to5]
Source: Iphones RU
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
