iPhones and Apple products, in general, have been the most secure devices that you can buy in recent years. It's even been a part of Apple's marketing, a reason you should choose an Apple product over something made by Microsoft or running Android. That means that it's always big news when there's a new virus that seems to exploit a weakness in Apple's devices — and this one seems to be a big one.
Group-IB, the cyber security firm, has confirmed that there is a new threat for iPhone users, which brings a trojan called GolDigger from Android to iOS.
What is GolDigger?
Having initially been brought to the iPhone through TestPilot, the trojan was moved to a sneakier approach when Apple banned it from the TestPilot program. Now, the virus is downloaded through an enterprise-level 'MDM' or Mobile Device Management profile.
The virus, once installed on your device, collects "facial recognition data, identity documents, and" is proficient at "intercepting SMS". With this data, a hacker can create an AI-based deep fake of the user, and use it to access bank accounts, potentially stealing lots of money.
This iOS version has been named "GoldPickaxe.iOS" by Group-IB and has been "attributed by Group-IB to a single threat actor, codenamed GoldFactory that has developed a sophisticated suite of mobile banking malware."
Should you be worried?
Not yet worried — Group-IB points out that the virus is currently only targeting people who live in Vietnam and Thailand. It is quick to mention that there are "emerging signs that GoldFactory’s geography of operations may be extended beyond Vietnam and Thailand", however, so it's worth highlighting how we should all be careful.
As yet, there seems to be no iOS update to counter the trojan, although if it makes it way to our shores then it's likely Apple will take notice and get started on a security update. It shows that you should be keeping your phone as up to date as possible — after all, these things move fast and new threats can appear in a matter of days.
