‘Disable iMessages’ ASAP to avoid crypto zero-day exploit: Trust Wallet
The firm’s CEO, Eowyn Chen, shared a screenshot of the supposed “high-risk” exploit being sold on the dark web for a whopping $2 million.
Crypto wallet provider Trust Wallet is urging Apple users to disable iMessage, citing “credible intel” of a zero-day exploit that could allow hackers to take control of users’ phones.
“Alert for iOS users: We have credible intel regarding a high-risk zero-day exploit targeting iMessage on the Dark Web,” the firm posted to X at 7:53 pm UTC on April 16.
The firm stressed the zero-day exploit can infiltrate and take control of iPhone users without clicking a link and that high-value account holders are most at threat.
A zero-day exploit is a cyberattack vector that takes advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware.
Trust Wallet stressed that all crypto wallets held on an iPhone with iMessage switched on are at risk.
The firm’s CEO, Eowyn Chen, shared a screenshot of which she claims to be a potential zero-day exploit, showing an asking price of $2 million for the exploit.
However, the so-called threat was met with skepticism from several industry pundits.
“If this is your ‘credible intel’ it’s embarrassing. You don’t have evidence of a iOS exploit you have a screenshot of a guy claiming to have an exploit,” pseudonymous blockchain researcher Beau said in response to Chen’s screenshot.
Asked whether it’s better to be “safe than sorry,” Beau stressed Trust Wallet’s alert could cause panic-induced harm.
More than 1.2 million X users viewed Trust Wallet’s alert on X over the first four hours.
Another skeptical comment from crypto analyst foobar later led the firm into revealing its intel was sourced from its “security team and partners” that constantly check for threats.
Cointelegraph reached out to Apple but didn’t receive an immediate response.
Related: WinRAR patches zero-day bug that targeted stock and crypto traders
It comes as Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones last month.
Apple’s iMessage application has also been used as an attack vector for hackers in previous events, according to security researchers at Kaspersky.
Meanwhile, more than 280 blockchain networks are at risk of zero-day exploits that could put at least $25 billion worth of crypto at risk, cybersecurity firm Halborn claimed last month.
Responses