First-ever iPhone trojan steals Face ID data to access bank accounts – should you worry about it?

There's a first for everything, which includes an iOS trojan that steals Face ID data to access your bank accounts to rip it off. This banking trojan was first created to attack Android users and is now modified to target iPhones as well.

This virus was discovered in a new report from Group-IB (via Tom's Guide). Basically, this iPhone troajn collects facial recognition data, identity documents, and intercepts SMS. The researchers explain that "to exploit the stolen biometric data, the threat actor utilizes AI-driven face-swapping services to create deepfakes. This data, combined with ID documents and the ability to intercept SMS, enables cybercriminals to gain unauthorized access to the victim’s banking account – a new technique of monetary theft previously unseen by Group-IB researchers in other fraud schemes."

Initially, this iPhone trojan used TestFlight to exploit users. Still, after Apple removed this malware, they created a scheme to persuade victims to install a Mobile Device Management (MDM) profile, which allowed the threat actor to gain complete control over the victim's device.

Should I worry about this iPhone trojan?

iPhone 15 Pro Max's screen. Image source: Christian de Looper for BGR

At this moment, Group-IB says the malicious activity of this iPhone trojan is focused in the Asia-Pacific region, especially Vietnam and Thailand. Still, it doesn't mean this malware couldn't expand to other locations, the United States included.

Still, it's better to be safe than sorry, so you should focus on two steps: Don't download TestFlight apps from unknown sources or MDM profiles. One thing is to use your company's MDM profile, the other is to download a random profile from the internet.

While Apple is likely working on a fix for this iPhone trojan, the best way to protect yourself is by relying on known apps and avoiding downloading anything that you might find suspicious. With iPhone sideloading just around the corner for the European Union, you should better stay on the App Store, even with its flaws.

The post First-ever iPhone trojan steals Face ID data to access bank accounts – should you worry about it? appeared first on BGR.

Today's Top Deals

1. This $16 clip-on lens kit fits the iPhone or any Android phone, and it’s awesome
2. Amazon deal offers a 7-inch Android tablet for under $43
3. Save 61% on a 6-port USB rapid charger on Amazon
4. Save 75% on a Canon black and white multifunction laser printer on Amazon