Uptime Hamster: 15d 10h 52mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza GoldFactory

GoldFactory

0 incidentes 0 paises 0 sectores apt CN Ultimo: -
Ver en IntelTracker → APTTrail →
GoldFactory is a financially motivated cybercrime group that emerged in mid-2023, primarily targeting financial institutions and government services in the Asia-Pacific region. Assessed to be of Chinese origin with strong ties to cybercrime operations, the group's distinctive approach lies in its innovative use of AI-enabled mobile banking trojans, notably being the first recorded instance of an iOS trojan, GoldPickaxe, capable of stealing facial recognition data to generate deepfakes and bypass biometric authentication for unauthorized access to bank accounts. The group consistently adapts its tactics, developing multiple malware families to conduct sophisticated mobile fraud campaigns, and its operations are distinct from common ransomware groups due to this specialized focus on biometric bypass for direct financial theft.
Tecnicas MITRE
T1078, T1027.002, T1059.003, T1566.001
Tipo
apt
Pais origen
CN
Motivacion
-
Impacto
7
Actualizado
Sat, 24 Fe

Sectores objetivo (SOCRadar)

Grantmaking and Giving ServicesData Processing, Hosting, and Related Services