iOS, Android Malware Steals Faces to Defeat Biometrics With AI Swaps
Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Search across headline titles and summaries.
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.
GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.
Deepfake-enabled attacks against Android and iOS users are netting criminals serious cash Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.…
Both iOS and Android Variants Can Record Face Videos, Used to Create AI DeepfakesA Chinese-speaking cybercrime group codenamed GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can to harvest and steal personal details, including biometric face profiles, which attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. [...]
SAP, Adobe, Intel, AMD also issue fixes as well as Google for Android Patch Tuesday Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack.…