In a mobile-first world, malware doesn’t just steal—it rewrites realities. This talk offers a developer-centric walkthrough of state-of-the-art mobile malware targeting Android and iOS mobile devices, with a spotlight on GoldDigger, a sophisticated mobile application malware that abuses Android’s Accessibility Services to silently hijack user interaction and cause harm.

Through a technical analysis of GoldDigger’s behaviour and infection chain, we’ll unpack the overlooked mechanisms it leverages and why security engineers need to take note. The general public will be shown GoldDigger’s effects. In addition, developers, security enthusiasts, and pen-testers will walk away with actionable insights on designing with defence in mind, hardening their applications, and detecting behavioural anomalies.

This isn’t just another malware overview. While public data on GoldDigger’s tactics remains scarce, this session distils findings from real-world research, offering protective coding strategies rarely discussed outside red team circles. Attendees will leave with:
• How GoldDigger operates and why it's a threat worth tracking
• Practical safeguards Android/iOS developers can implement today.
• Emerging trends in mobile malware — and what’s next on the horizon.

Forget the optimism of 2024—in 2025, the threat landscape has matured, and the attacks have become more subtle, contextual, and embedded in the platform itself. As builders of the mobile experience, developers are on the frontlines—whether knowingly or not, they’re shaping the future of security. Let’s start rewriting realities the right way—together