The iPhone may seem impenetrable, but a recent report claimed that the GoldPickaxe is here, and it is a trojan virus that targets accessing biometric data and using it from one's apps and other connected experiences on the device. However, the good thing is, that users may protect themselves and their devices against it, highlighting the importance of vigilance and double-checking sources.
Apple's massive focus on security faced massive threats from crafty hackers and criminals, now with a trojan in place for the iPhone.
GoldPickaxe Trojan Virus Now on the iPhone
Group-IB's security firm shared information behind a new iPhone trojan that made its way to iOS, regarding this to be the "GoldPickaxe" threat. This is similar to the Android trojan from last year which was notorious for stealing data from users, particularly with their biometric information, notoriously known as the GoldDigger virus.
GoldPickaxe can infect both the iOS and Android platforms, evolving from its previous version where it could only affect the Google-made operating system.
According to the report, if the trojan is installed on the iPhone, it will deploy malware that can steal biometric data from photos, SMS, web activity, and more. It also uses AI tools to help them achieve their goal of hacking their victim's bank accounts.
How to be Safe from iPhone Trojan Virus
The GoldPickaxe was recently discovered in Vietnam and Thailand, and it was deployed through the Apple TestFlight beta program where they pose as fake apps waiting for users to download.
To be safe from this new iPhone trojan, users have to be careful in downloading and installing apps from the TestFlight platform, verify the developer, avoid installing iPhone MDM profiles from dubious sources, and avoid sharing personal and sensitive information via calls, texts, and more.
Apple's Security and Flaws in the iOS
While Apple kept viruses away from its devices like the Mac, iPhone, and iPad, it is not entirely safe from the massive threat that hackers are actively looking to crack and enact their nefarious activities on these platforms. Different security updates were released by Apple to help patch the many vulnerabilities exploited by threat actors on various iOS and macOS versions.
However, threat actors are getting more clever with how they infect Apple devices, with many now relying on malware via phishing campaigns and similar attacks against users. At one time, there was a "fake" Lockdown Mode created by threat actors to enable the feature, but it would not do much as it is only a facade in running the malware unbeknownst to users.
Through zero-days, vulnerabilities, and other exploitive campaigns, threat actors preyed on Apple users and swindled them, leading to massive access to their devices and sensitive information theft. Now, the GoldPickaxe is here for iPhones, similar to Android's infamous trojan last year, found on unverified apps on TestFlight, but could be avoided easily through thorough checking.