Group-IB, a cybersecurity company, has reported on the GoldDigger money-stealing malware group targeting victims in Thailand and Vietnam. What sets this group apart is their ability to attack both iOS and Android users.
The GoldDigger group’s malware, GoldPickaxe, comes in both iOS and Android versions. iOS users are infected when they install it through TestFlight or install an MDM profile, a mechanism normally used to connect devices to an organization’s system for remote management.
Group-IB specifies that GoldPickaxe does not steal money directly from banking apps on the device, as malware in previous incidents did. Instead, it collects phone numbers, intercepts SMS, and harvests personal information to install banking apps on the victim’s own Android device, siphoning money from their account.
TB-CERT and Thai cyber police have been reporting on this malware and issuing notifications about it since November.
Source: Group-IB
TLDR: Group-IB reports on the GoldDigger malware group targeting victims in Thailand and Vietnam, able to attack both iOS and Android users with their GoldPickaxe malware. The malware collects information to install banking apps on the victim’s device and steal money.