Trust Wallet releases advisory on zero-day exploit exposing iOS users

7 months ago 31
ARTICLE AD

The spread of this exploit is currently estimated to be only on iOS devices, though it may be replicated on more platforms.

Trust Wallet, a prominent crypto wallet provider, is advising Apple users to disable iMessage due to “credible intel” regarding a high-risk zero-day exploit targeting the messaging app.

The firm claims that the exploit, which is allegedly being sold on the dark web for $2 million, can infiltrate and take control of iPhone users without the need for them to click on a link.

1/2: ⚠️ Alert for iOS users: We have credible intel regarding a high-risk zero-day exploit targeting iMessage on the Dark Web.

This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk. #CyberSecurity

— Trust Wallet (@TrustWallet) April 15, 2024

A zero-day exploit is a cyberattack that takes advantage of a previously unknown software or hardware vulnerability before the vendor has had a chance to address it. These exploits can be particularly dangerous because they can go undetected for an extended period, leaving systems and networks vulnerable to attacks.

Trust Wallet stressed that high-value account holders are most at risk and that all crypto wallets held on an iPhone with iMessage switched on are vulnerable to the exploit. The firm’s CEO, Eowyn Chen, shared a screenshot of the supposed “high-risk” exploit being sold on the dark web, further emphasizing the potential threat. There has been no confirmation of the

However, the authenticity of the alleged zero-day exploit has been met with skepticism from several industry experts. Pseudonymous blockchain researcher Beau criticized the evidence provided by Trust Wallet, stating:

“If this is your ‘credible intel’ it’s embarrassing. You don’t have evidence of a iOS exploit you have a screenshot of a guy claiming to have an exploit.”

When asked whether it’s better to be “safe than sorry,” Beau argued that Trust Wallet’s alert could cause panic-induced harm. The firm’s post on X garnered significant attention, with more than 1.2 million users viewing the alert within the first four hours of its posting.

In response to another skeptical comment from crypto analyst foobar, Trust Wallet revealed that its intel was sourced from its “security team and partners” who constantly check for threats.

This alleged zero-day exploit threat comes on the heels of Apple releasing emergency security updates last month to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. According to security researchers at Kaspersky, Apple’s iMessage application has been used as an attack vector for hackers in previous events. In February, Curve Finance also warned of a fake app on the App Store impersonating their product and platform.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Read Entire Article