Company Apple constantly updates its operating systems with security patches, which attackers often try to exploit to launch various attacks on users. Cybersecurity company Group-IB this week reported on the existence of a new Trojan horse, GoldDigger, which targets users of the operating system iOS and robs their bank accounts.
You could be interested in
According to a detailed report by Group-IB, the GoldDigger Trojan was first created for the Android operating system, but has now been successfully ported to devices as well. iPhone and iPad. The company claims that this is potentially the first Trojan horse created for iOS, which can be quite dangerous as it collects facial recognition data, identity documents and even SMS.
With all this data, hackers use AI-based tools to create deepfakes and gain access to victims' bank accounts. By the time victims realize what has happened, it may be too late.
GoldDigger was first distributed via the service TestFlight company Apple – it allows developers to publish beta versions of their applications without having to go through the review process in App Store. After it Apple z TestFlightu removed, however, the hackers chose a more sophisticated approach based on the MDM (Mobile Device Management) profile, which is primarily used to manage corporate devices.
Gallery
These profiles allow companies to customize and control many aspects of the system to suit their needs. However, hackers can sometimes use various methods to convince users to install a malicious profile and download an app outside of the store. App Store. When this happens, they can collect all the necessary data. According to the report, GoldDigger primarily targets users in Vietnam and Thailand, but it could also be used to attack users in other parts of the world. Group-IB claims that the Trojan is currently in an active development phase.
At least for now, it seems that even the latest versions of operating systems iOS and iPadOS are still vulnerable to this Trojan. Group-IB claims that it has already notified the company about the Trojan Apple, so it's likely that a fix is already in the works. For now, the best thing you can do to avoid such attacks is to not install apps from sources you don't trust.
So much for opening the platform... (Link to the last sentence of the article). Thanks to the EU…
As you can see, the system is not open yet, and there will still be a way to get in. iPhone malware to get through existing methods. I think this is not just about a closed system.
And what if it's an activity instead? AppI don't want third parties to be trusted 😃 I would of course rather stay in a "closed" world of this type.