In recent years, facial recognition has become popular as a secure authentication tool, with major companies such as Apple demonstrating its effectiveness. This advancement has generated confidence in sectors such as banking, with 60% of IT and cybersecurity leaders in the US considering replacing passwords with this technology.
However, ESET’s Threat Report warns that cybercriminals are using fake mobile apps and AI-powered face-swapping services to gain unauthorized access to accounts, highlighting that biometric recognition is not foolproof.
“GoldPickaxe has versions for both Android and iOS and has been targeting victims in Southeast Asia through localized malicious apps. We have also detected other variants in Latin America and South Africa, so it is advisable to stay alert to these emerging threats and strengthen our security measures to protect ourselves before they reach Spain,” says Josep Albors, director of research and awareness at ESET Spain.
New attack vector: GoldPickaxe
The Android version of GoldPickaxe is distributed via fake websites that mimic the Google Play store, while on iOS a social engineering scheme is used to install an MDM profile and gain full control of the device. The malware asks victims to record a video, which is then used to create AI-powered deepfakes.
GoldPickaxe uses social engineering and MDM profiles to access mobile devices, stealing facial data and personal documents to impersonate the victim in financial transactions.
Additionally, it requests ID documents, intercepts SMS, and redirects traffic through a proxy server. Instead of performing unauthorized transactions directly, GoldPickaxe collects the information needed to access the victim’s banking app.
The importance of prevention
Given the increasing use of advanced malware and Artificial Intelligence for the production of deepfake videos, it is clear that cybercriminals are putting more and more effort into crafting their attacks. However, such threats can be prevented with the right measures. ESET, a leading cybersecurity company, offers 7 basic tips and recommendations to protect yourself:
- Always verify notifications about prizes and bonuses: If you receive notifications about prizes, discounts or pension bonuses, check the authenticity of these claims. If it seems too good to be true, it is probably some kind of scam.
- Use only official app stores: Download mobile apps only from official app stores such as Google Play Store and Apple App Store. Avoid websites that distribute mobile apps from dubious sources.
- Recognize phishing: Learn how to identify phishing websites and don’t be fooled by them. Stay informed about the most common phishing techniques.
- Run security scans on your smartphone: If you notice any suspicious activity on your mobile device, run a security scan with a trusted app to detect and remove potential threats.
- Remove malicious apps and restart your phone: If you discover a malicious app on your device, remove it immediately and restart your phone. In some cases, it may be necessary to reset your Android device to factory settings.
- Use reliable cybersecurity protection: Protect your mobile device with a cybersecurity solution that can detect and block threats during the download process, such as ESET Mobile Security. These tools can scan all files in download folders and provide additional protection against phishing, theft and fraud.
- Implement multi-layer security: Remember that a single authentication method, no matter how advanced, does not guarantee complete security. Cybercriminals are creative, so it is important to have a multi-layered defense that includes multi-factor authentication (MFA) and other cybersecurity measures.