GoldPickaxe Trojan Blends Biometrics Theft and Deepfakes to Scam Banks
Group-IB warns of new Trojan GoldPickaxe designed to bypass banking facial recognition with deepfakes
Stay updated with the latest facial recognition news within the realm of information security, exploring privacy, trends, and security threats.
Search across headline titles and summaries.
Background for this topic.
Facial recognition analyzes facial images or video to estimate whether a face matches a claimed identity (1:1 verification) or to search for a person among enrolled identities (1:N identification). Systems typically extract a mathematical template rather than store only the original photo, then compare it with enrolled templates; accuracy depends on image quality, model behavior, and operating conditions. This differs from simple face detection, which only locates a face.
For security practitioners, the main concerns are spoofing with photos, video, masks, or synthetic media, and compromise of cameras, enrollment workflows, templates, or recognition APIs. Liveness or presentation-attack detection, protected sensors and APIs, strict enrollment and fallback controls, and rate limiting can reduce these risks, but facial matching should not automatically be treated as proof of identity. Facial templates are sensitive biometric data: unlike a password, they cannot readily be changed after exposure. Minimize collection, encrypt and segregate templates, restrict retention and access, test error rates, and address applicable privacy and biometric-data requirements.
Group-IB warns of new Trojan GoldPickaxe designed to bypass banking facial recognition with deepfakes
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS