Group-IB reports that a financially motivated actor it tracks as GoldFactory used smishing/vishing/phishing and government-service impersonation to push malicious APKs and trojan droppers that install modified banking apps across parts of APAC, enabling remote control, data theft, and fraud by bypassing app security controls.