[Warning] GoldDigger and it's variant targeting banking apps and crypto wallets

[Jating]

It was reported that there's a trojan that harvest facial recognition data used for unauthorized access to bank accounts and crypto wallets too, and researchers dubbed it as a family of "GoldDigger".

Among these discoveries, there is an exceptionally rare occurrence – a new sophisticated mobile Trojan specifically aimed at iOS users, dubbed GoldPickaxe.iOS by Group-IB. The GoldPickaxe family, which includes versions for iOS and Android, is based on the GoldDigger Android Trojan and features regular updates designed to enhance their capabilities and evade detection. GoldPickaxe.iOS, Group-IB researchers found, is capable of collecting facial recognition data, identity documents, and intercepting SMS. Its Android sibling has the same functionality but also exhibits other functionalities typical of Android Trojans. To exploit the stolen biometric data, the threat actor utilizes AI-driven face-swapping services to create deepfakes. This data combined with ID documents and the ability to intercept SMS, enables cybercriminals to gain unauthorized access to the victim’s banking account – a new technique of monetary theft, previously unseen by Group-IB researchers in other fraud schemes.

https://www.group-ib.com/blog/goldfactory-ios-trojan/

And it really sounds very complex and complicated and it seems the Chinese did take time to create this trojan that mostly targets APAC region specially in Vietnam as it targets  targets more than 50 applications related to banking, e-wallets, and crypto-wallets.



So to our friends from South East Asean region, just be careful with your banking apps and crypto wallet in your mobile or even Pc or laptop. Do everything and learn safe practice as not to infect your machines with this trojan.

[Porfirii]

Mmmm I have a doubt: do these biometric data get stolen from the device, or is the victim asked to provide them? because, if I understood it well and it is because the first reason, then the trojan exploits a vulnerability that should be addressed and fixed in a future update of the OS.

For safety reasons I've never used the facial recognition feature of my smartphone, and while I'm used to unblock it with my fingertip, it's something that I'm reconsidering because of the same reasons.

Anyway, every time we get an unsolicited message from banking or public institutions, always doubt. It's annoying having to stay in constant vigilance mode, but it's better safe than sorry.

[Smartvirus]

The link you provided at OP is such a wall of text but, I did quite a bit to see how these biometric data where or are being utilized for this purpose of scamming but, couldn’t find much on it except where it just wholly stated it to be a swap. A swap in what sense exactly, as the hacker is not likely yo be physically present and have a direct contact with my device to get it opened. How then is this hack possible.

Should there be any hopes of having my wallet imported to a new device before the rest of the procedure, there wouldn’t be need for a biometric data as wallet importing grants you full access to modify wallet as allowed.

Link of confirmation is said to be Smishing and Phishing. It’s something well known but, ain’t a bad idea to get it out once more. Though the threat or scheme might be amongst Asians, predominantly Vietnam and Thailand, its results could push for a wider coverage. Let’s be mindful of our security still.

[Sandra_hakeem]

For every single day, things just start gettting worse instead... Makes me wonder how effective them cyber theft would be over the securities we've got ... I understand that at this point, it's solely our duty to protect our wallets and bank apps too... But I'm just tryna wonder how innovative these theft would be to always bypass every single hindrances...
They weren't referring to no biometrics bruh... There's a bypass only if the person can get few more details, plus your face card.... You wouldn't expect them to go about the normal process now, would you?

Sandra 🧑‍🦰

[Husires]

Everyone is spying on you, so you should avoid uploading your photos and personal data on the Internet or on social media. Cover or remove the selfie camera. Do not keep fingerprint data, etc. You only need a strong password to prevent fraudsters and physical attacks. Biometric data is unnecessary and has an error rate. Its risks are less than using a strong password.

[BitMaxz]

That is why I hate to use facial recognition to use for login passwords even on my phone I choose to use a password or PIN instead of using fingerprint or facial recognition because that's not safe even when using them on finance apps.

If someone poses those biometrics data I'm sure they can use it to log in to bank accounts or any finance app we use and steal all our hard-earned money.
Having a long and strong password is enough for me to keep my wallets and finance app safe than using biometrics.

[nakamura12]

I was quite surprised when I read the title because not too long ago as I was watching youtube videos until I stumbled to a video about a programmer that creates a program of same goal which is to target bank accounts to steal money although there's no mention about crypto wallets but when you think about it is that it has very similar target. I'll be checking it soon to be aware of this trojan as it could help me understand and who knows where my device could be infected with it. It is better to be safe than sorry as I always say.

[Yamane_Keto]

If GoldDigger can access biometric data, this assumes that other non-sensitive data such as keyboard, phone files, personal photos, etc. are all things that the virus can access?

Virus promotion is sometimes done by anti-virus services or for political or regulatory purposes or governmental concerns. Therefore, buy several phones, one for work, another for photography, and another for browsing.