1. Forum
  2. Usenet
  3. MISC.PHONE.MOBILE.IPHONE

  • Here's how to protect against the iPhone GoldPickaxe iOS trojan

    From Oscar Mayer@21:1/5 to All on Sat Feb 17 12:49:15 2024
    Here's how to protect against the iPhone GoldPickaxe trojan. https://9to5mac.com/2024/02/16/protect-against-iphone-trojan-goldpickaxe/

    Goldpickaxe malware can collect an iOS user's biometric information from
    iPhone photos, SMS text messages, intercept web activity, and more.

    While the iPhone trojan was first found distributed through the iOS
    TestFlight beta testing system, Apple was able to shut that down (at least
    for now).

    However, the latest evolution has seen GoldPickaxe being distributed
    through malicious iOS mobile device management (MDM) profiles.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Alan Browne@21:1/5 to Oscar Mayer on Sat Feb 17 13:50:32 2024
    On 2024-02-17 12:49, Oscar Mayer wrote:
    Here's how to protect against the iPhone GoldPickaxe trojan. https://9to5mac.com/2024/02/16/protect-against-iphone-trojan-goldpickaxe/

    Goldpickaxe malware can collect an iOS user's biometric information from iPhone photos, SMS text messages, intercept web activity, and more.
    While the iPhone trojan was first found distributed through the iOS TestFlight beta testing system, Apple was able to shut that down (at least for now).

    However, the latest evolution has seen GoldPickaxe being distributed
    through malicious iOS mobile device management (MDM) profiles.

    Quote from Group-IB: "Social engineering is the primary method used to
    deliver malware to victims’ devices across the whole family of
    GoldFactory Trojans.

    GoldPickaxe.iOS is distributed through Apple’s TestFlight or by social-engineering the victims to install an MDM profile."

    Note the social-engineering required to get this onboard - something
    everyone needs to be vigilant about at all times.

    Vector 1: TestFlight of an iOS app. Less than 1% of iPhone users?
    More? Less? (more likely less). And Apple have slammed that door
    shut. Nothing burger.

    Vector 2: Similar - (MDM profile) something for co. IT people to look
    into as well as warn their users against social engineered attacks.
    Pretty close to a nothing burger.

    Vector 3: social engineering. Everyone should be vigilant at all times
    anyway.

    --
    “Markets can remain irrational longer than your can remain solvent.”
    - John Maynard Keynes.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Oscar Mayer@21:1/5 to Alan Browne on Sat Feb 17 14:48:09 2024
    On Sat, 17 Feb 2024 13:50:32 -0500, Alan Browne wrote:

    Markets can remain irrational longer than your can remain solvent.

    There is a minor typo in your sig. But it's a nothing burger.

    And Apple have slammed that door shut. Nothing burger.

    Another typo but more important, the fact it was there is not a nothing
    burger because Occams Razor tells us there are plenty more also there.

    Vector 2: Similar - (MDM profile) something for co. IT people to look
    into as well as warn their users against social engineered attacks.
    Pretty close to a nothing burger.

    It shows Apple didn't test properly. That's not a nothing burger.

    Everyone should be vigilant at all times anyway.

    True but that's besides the point.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Alan Browne@21:1/5 to Oscar Mayer on Sat Feb 17 20:06:16 2024
    On 2024-02-17 14:48, Oscar Mayer wrote:
    On Sat, 17 Feb 2024 13:50:32 -0500, Alan Browne wrote:

    Markets can remain irrational longer than your can remain solvent.

    There is a minor typo in your sig. But it's a nothing burger.

    I noticed that a few days ago, but haven't fixed it. But is it typical
    of you to post garbage and when challenged to point at squirrels to
    deflect from your worthless posts? Seems so.


    And Apple have slammed that door shut.  Nothing burger.

    Another typo but more important, the fact it was there is not a nothing burger because Occams Razor tells us there are plenty more also there.

    A-holes assailing s/w for illegal monetary gain is new, is it?

    Vector 2: Similar - (MDM profile) something for co. IT people to look
    into as well as warn their users against social engineered attacks.
    Pretty close to a nothing burger.

    It shows Apple didn't test properly. That's not a nothing burger.

    Nobody can test for all eventualities. And as new things creep in, the
    tests get more robust. Wow - so ordinary. Snooze time.

    Everyone should be vigilant at all times anyway.

    True but that's besides the point.

    Not at all. You posted what amounts to an extreme narrow case on top of
    a narrow case. When all that is pointed out, you react poorly. Sheesh.
    Get a grip on reality.

    --
    “Markets can remain irrational longer than you can remain solvent.”
    - John Maynard Keynes.

    "Typos can linger for ages before they're noticed."
    - Editor of 'The Absolute Perfection Guide to Publishing.'

    "Pointing out people's grammar and typos errors on usenet is childish deflection."
    - Everyone above age 12.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jolly Roger@21:1/5 to Oscar Mayer on Sun Feb 18 03:07:51 2024
    On 2024-02-17, Oscar Mayer <[email protected]> wrote:
    On Sat, 17 Feb 2024 13:50:32 -0500, Alan Browne wrote:

    Vector 2: Similar - (MDM profile) something for co. IT people to look
    into as well as warn their users against social engineered attacks.
    Pretty close to a nothing burger.

    It shows Apple didn't test properly.

    Nah.

    --
    E-mail sent to this address may be devoured by my ravenous SPAM filter.
    I often ignore posts from Google. Use a real news client instead.

    JR

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jolly Roger@21:1/5 to Oscar Mayer on Sun Feb 18 03:06:33 2024
    On 2024-02-17, Oscar Mayer <[email protected]> wrote:

    Here's how to protect against the iPhone GoldPickaxe trojan. https://9to5mac.com/2024/02/16/protect-against-iphone-trojan-goldpickaxe/

    Goldpickaxe malware can collect an iOS user's biometric information
    from iPhone photos, SMS text messages, intercept web activity, and
    more.

    While the iPhone trojan was first found distributed through the iOS TestFlight beta testing system, Apple was able to shut that down (at
    least for now).

    However, the latest evolution has seen GoldPickaxe being distributed
    through malicious iOS mobile device management (MDM) profiles.

    Misleading clickbait.

    The “facial recognition data” in question here is absolutely NOT Apple’s Face ID data. Instead, it’s a particular Vietnamese banking app which requires its own separate facial scans from its users that was
    compromised.

    Also, the app was NEVER available in Apple’s App Store. Instead, users
    had to install the app through Test Flight from an untrusted developer
    account. And after Apple revoked the associated developer account, users
    had to manually install an untrusted Mobile Device Management (MDM)
    profile in order to install the app.

    Details here, for anyone interested: https://www.group-ib.com/blog/goldfactory-ios-trojan/

    While (thankfully) customers outside the EU have to jump through such
    hoops to be compromised, EU customers who use alternative apps stores
    should buckle up for a rough ride, because the risk of them falling
    victim to this sort of thing is about to get a lot higher. 😉

    --
    E-mail sent to this address may be devoured by my ravenous SPAM filter.
    I often ignore posts from Google. Use a real news client instead.

    JR

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?J=C3=B6rg_Lorenz?=@21:1/5 to All on Sun Feb 18 08:07:06 2024
    Am 18.02.24 um 04:06 schrieb Jolly Roger:
    EU customers who use alternative apps stores
    should buckle up for a rough ride, because the risk of them falling
    victim to this sort of thing is about to get a lot higher. 😉

    Has no practical relevance.

    --
    "Gutta cavat lapidem." (Ovid)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)