GoldPickaxe

Description

(Group-IB) The GoldPickaxe family, which includes versions for iOS and Android, is based on the GoldDigger Android Trojan and features regular updates designed to enhance their capabilities and evade detection. GoldPickaxe.iOS, Group-IB researchers found, is capable of collecting facial recognition data, identity documents, and intercepting SMS. Its Android sibling has the same functionality but also exhibits other functionalities typical of Android Trojans. To exploit the stolen biometric data, the threat actor utilizes AI-driven face-swapping services to create deepfakes. This data combined with ID documents and the ability to intercept SMS, enables cybercriminals to gain unauthorized access to the victim’s banking account – a new technique of monetary theft, previously unseen by Group-IB researchers in other fraud schemes.

Names

Name
GoldPickaxe

Category

Malware

Type

  • Banking trojan

Information

Other Information

Uuid

8ec4514b-485c-4391-ba81-02d06c44d33b

Last Card Change

2024-03-07