Tuesday, February 20, 2024

New Gold Pickaxe Malware Aims To Steal Users’ Faces


Another threat has surfaced online for mobile phone users, targeting Android and iOS devices alike. Identified as “Gold Pickaxe,” the new malware is a potent information-stealing trojan that typically aims at stealing facial recognition data alongside other sensitive information.

Gold Pickaxe Android Malware Running Active Campaigns

According to a recent Group-IB report, a new malware, “Gold Pickaxe,” is actively targeting Android and iOS users. The malware lures victims into downloading it via social engineering.

The researchers traced the malicious campaign back to June 2023, when another malware from the same threat actors appeared online. Identified as “GoldDigger,” it seemingly served as a predecessor of the newly identified Gold Pickaxe trojan, targeting Vietnamese banks’ users. It was then followed by GoldDiggerPlus and GoldKefu in September 2023, leading to “Gold Pickaxe,” which appeared online in October 2023.

Regarding the malware's functionality, the researchers described Gold Pickaxe as a data-stealing trojan aimed at personal and sensitive data. However, what makes it noteworthy is its advanced functionality and its specific aim at victims’ facial recognition data.

First, the previous three malware targeted Android devices, but the latest variant, “Gold Pickaxe,” also targets iOS devices. This allows the malware to target a wider user base globally. Second, Gold Pickaxe, alongside stealing other data, also aims at pilfering facial recognition data, biometric data, and identity documents. With these details, the attackers intend to create deepfakes of the victims to trick banking apps and commit financial fraud. This technique particularly helps the attackers in attacking Thai banks, where facial scans are commonly used for secure transactions.

The researchers have shared a detailed technical analysis of this malware in their post. Regarding the threat actors’ identity, the researchers identified them as a Chinese entity, “GoldFactory,” which was also hinted at by the presence of Chinese language in the malware’s C&C servers and debugging strings. They also observed some similarities between the GoldFactory trojans and another banking trojan, “Gigabud.” However, they couldn’t establish a specific link between the two.

Let us know your thoughts in the comments.
