This malware wants to steal your banking data


A cybersecurity company has discovered a new Trojan. It targets iPhones, and in particular facial recognition data, identity documents and SMS messages.

Apple iPhone 15 // Source: Chloé Pertuis – Frandroid

This could well be the first Trojan designed for iOS, and it could be very dangerous. At least, that is what Group-IB, a cybersecurity company, says.

A Trojan horse on iOS: should we panic? Answer: no

As described by Group-IB, the malware is called "GoldDigger" (literally someone who digs for gold, but the term refers to a person who loves others for their money). It was reportedly first developed for Android, then successfully ported to iPhones and iPads.


Its goal: to collect facial recognition data (from Face ID), identity documents and SMS messages. With all this data and artificial intelligence tools, the hackers would try to create false documents in order to gain access to bank accounts.

At the moment, it appears that GoldDigger is primarily targeting users based in Vietnam and Thailand. Group-IB says it has informed Apple of GoldDigger: it is very likely that the maker of iOS is working on a security patch to be deployed quickly. For the moment, the best practice is to continue installing your applications from the App Store only.

How this malware got onto the iPhone

Still according to Group-IB, the hackers first tried to go through Apple's TestFlight program, which allows developers to distribute beta versions of their applications without going through the App Store and its verification process. Unfortunately for them, Apple spotted the deception and removed the application containing the malware from TestFlight.


Subsequently, they tried another approach, relying on a mobile device management (MDM) profile, a mechanism mainly used in businesses. Such a profile allows whoever issues it to control various aspects of iOS.

This is what gives the hackers their opening: they convince victims to install a particular profile. They can then install applications without going through the App Store. This is where the trap closes, and the hackers can retrieve the documents they are interested in.



