Consider following on social media!
Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!
Photo by Brett Jordan, please support by following @pexel.com
Throughout the many years of us being on this planet, this rock, this existence, or whatever you would like to call it. The complexity of life hasn’t lessened with the release of the Matrix. If you haven’t seen the movie, check it out. It’s a really good movie, it just ugh, will have you question your whole existence. Like “What even am I?” Questioning life aside, you’re probably wondering what new and exciting way technology is being exploited and the possible way your information is being collected. With the recent brainwashing rise of getting everyone comfortable with using AI (artificial intelligence), facial recognition has been employed in scams. We don’t feel the threat in the great US because, well… too much violence (guns, bad, people, worse) but in a nutshell, be glad you don’t live in Thailand. They have a whole different banking system set up over there.
Photo by Pixabay, please support by following @pexel.com
The Attack
Facial recognition, what is it? In simple terms, the device uses the images from your face that it captures so when it comes time for a function to be completed, the device knows that it is you and will complete that function or task. In complex terms; the device captures your images with the camera with an overlay of dots which are a kind of reference point for certain sectors of your face, stores them, finds key features from your face that pair up with the stored image data, this could be anything like a mole, birthmark, or beauty mark, (not sure if women still use that term nowadays), once the process is complete and everything checks out. Congrats, you got in. You are now the one. This whole process is done in ones and zeros and is done in nano-to-milliseconds, you don’t care but it’s still nice to know. We’re all nerds here, of course. Armed with the knowledge of what biometrics or an item of what it is, here’s the attack. Threat actors can use your likeness to get into many areas of your life. Areas such as your phone, financial institution, and pretty much anywhere that requires the use of your facial recognition. Alarming, we know, however, people tend to think “They won’t get anything from me, they’re just practicing.” That’s true if you’re getting robbed at an ATM, however, getting robbed online is a whole new and hard-to-catch ball game.
Photo by Almada Studio, please support by following @pexel.com
Who Can It Be Now
So, who would do something like this we can hear you ask. Clearly, they’re a monster although they might live in a poor country, and this might be a way for them to feed their family. Ha, guilt trip engaged, just because they’re the villain in your story doesn’t mean they’re a villain in others. A group by the name GoldFactory was factored in for the use of the trojan called “GoldPickaxe”, they were spotted some time ago in Thailand and maybe Vietnam. GoldPickaxe was created with the intent to collect face profiles, identification documents, and text messages from the victim’s phone. All of this gave them access to having great names like GoldDigger, GoldDiggerPlus, and GoldKefu given to them by researchers.
Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?
Photo by Basian Riccardi, please support by following @pexel.com
That Sinking Feeling
How does the GoldPickaxe work? As mentioned earlier, GoldPickaxe will infect the victim’s device and begin to collect any information pertaining to facial recognition, and this includes their ID card. Once this information is collected, the threat actor can then gain access to anything tied to the victim. This is a massive problem because, in Thailand, their banking system requires them to use facial recognition to access their accounts. So, pretty much, there’s no way around it, you have to use your face to withdraw or make a deposit.
Photo by Matthew DeVires, please support by following @pexel.com
The Prevention
You don’t want someone to use your face and make a withdrawal from your account? You may be wondering how you protect yourself from something like this happening to you. Since these play on 2MFA (2 multi-factor authentication), you would have to add another level of protection from threat actors having access to your accounts. The best way to think of this is having vault door upon vault doors to protect your valuables. A setup of this would be a password, SMS message verification, email verification, and facial recognition. It may seem like a lot of work to protect what’s important but it’s better than not having anything important to protect.
Photo by Dakota Edwards, please support by following @pexel.com
Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.
Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.
Do you feel like there is something I may have missed on GoldPickaxe? Script a comment below.
Discover more from Scriptingthewhy.com
Subscribe to get the latest posts sent to your email.
