While it’s true that iPhones are more secure than Android devices, they’re not immune to attack. A new report has suddenly warned Apple users that a dangerous Trojan is targeting users’ bank accounts and stealing facial recognition data from their iPhones.
[Image: iOS facial recognition warning. Credit: AFP (via Getty Images)]
Group-IB acknowledged that this was an “extremely rare event” and said that “a new sophisticated mobile Trojan specifically targeting iOS users” had “intercepted facial recognition data, identity documents and SMS.” It warns that it has been discovered collecting “.
That this is a previously detected variant of Android malware is cold comfort to iPhone users who are convinced that what happens on their iPhone stays on their iPhone.
This malware does not compromise the FaceID data on the iPhone itself, which remains completely locked down. Instead, it is designed to steal facial captures from devices and input them into an “AI-driven face-swapping service” to create deepfakes. These, combined with intercepted SMS messages, allow “cybercriminals to gain unauthorized access to the victim’s bank account.”
Group-IB describes it as a “new…never seen before…money theft technique.” Researchers say the attacks so far have been primarily concentrated in the Asia-Pacific region.
Initially, hackers relied on Apple’s TestFlight (which distributes beta software) to distribute the malware. Once this method was shut down, social engineering techniques were used to trick users into installing an MDM profile on their phones, “giving the attacker complete control over the victim’s device.”
[Figure: Malware timeline. Credit: Group-IB]
The focus of this malware is facial identity verification, either via an app or as part of a seemingly sophisticated online banking identity verification. This illustrates the clear risks of using facial data to confirm more transactions than ever before.
So-called liveness and anti-spoofing technologies are designed to combat exactly this, but the increasing ease of use of deepfakes is undermining these protections. Combining deepfakes with secondary forms of identification, such as SMS one-time passcodes, appears to be an easy way to defeat security. A single piece of malware that targets both facial data and SMS makes this a one-stop shop.
According to Group-IB, social engineering techniques used popular messaging apps to induce users to install seemingly official government apps or click on fake web pages. These were used to retrieve information from users and their devices.
This report will get a lot of attention because it combines attacks on iPhones and collection of facial data. The fact that this isn’t Apple’s own FaceID capture doesn’t make the concern go away. However, this problem is not common. The attack won’t work unless the iPhone user succumbs to social engineering in the first place, such as by installing an app or clicking on a fraudulent web page. That is one important point here.
Of course, another important point is that iPhone users should be just as careful as Android users when installing, clicking, or opening anything on their phones. If you don’t implicitly trust the sender or developer, leave it alone.
I contacted Apple for comment on the Group-IB report.
Previous attacks have primarily focused on Asia, but this appears to represent a new attack vector that applies everywhere. And Android users have even more to worry about. The same threat previously discovered on Android devices was more dangerous and had the potential to capture more user data.
The threat posed by deepfake technology is generating increasingly alarming headlines given the realism of its output, ease of use, and ready availability. This will only get worse. The cyber theme of 2024 is rapidly becoming AI-centric, introducing many new threats that never existed before.
This warning represents a (false) version of what is to come.