In a comprehensive investigation conducted by Group-IB, a new and sophisticated cluster of banking Trojans, spearheaded by the previously unknown GoldPickaxe malware, has been uncovered. This cluster is part of a concerted effort by a threat actor dubbed GoldFactory, targeting the Asia-Pacific region with a specific focus on Vietnam and Thailand. The GoldPickaxe family, including variants for both Android and iOS platforms, signifies a notable evolution in mobile banking Trojans, incorporating advanced techniques such as the collection of facial recognition data, identity documents, and the interception of SMS to facilitate unauthorized access to victims’ banking accounts through the use of AI-driven deepfake technology.
Disclaimer: This article is part of X-Force OSINT Advisories’ automated collection to enable faster integration of open-source articles to client environments. All credit and copyright go to the original authors.
Sample Indicators of Compromise:
b72d9a6bd2c350f47c06dfa443ff7baa59eed090ead34bd553c0298ad6631875
t8bc.xyz
ms2ve.cc
hzc5.xyz
d8834a21bc70fbe202cb7c865d97301540d4c27741380e877551e35be1b7276b