Trust Wallet, one of the largest cryptocurrency wallet providers, is advising Apple users to disable iMessage due to “credible” information about a high risk of a “zero-day exploit” targeting the messaging app.
The company claims that the exploit, reportedly being sold on the dark web for $2 million, can infiltrate and take control of iPhones without users needing to click a link.
A zero-day exploit is a type of cyberattack that takes advantage of a previously unknown software or hardware vulnerability before the vendor has had a chance to patch it. These exploits can be particularly dangerous. After all, they can go unnoticed for an extended period of time, leaving systems and networks vulnerable to attacks.
Trust Wallet warns of iMessage vulnerability
Trust Wallet highlighted in its X account that high-value account holders are most at risk. Additionally, all cryptocurrency wallets maintained on an iPhone with iMessage enabled are vulnerable to the exploit.
The company’s CEO, Eowyn Chen, shared a screenshot of the alleged “high-risk” exploit being sold on the dark web, further emphasizing the potential threat.
However, the authenticity of the alleged zero-day exploit has been the subject of skepticism from several industry experts. Pseudonymous blockchain researcher Beau, for example, criticized the evidence provided by Trust Wallet, stating:
“If this is your ‘credible information,’ it’s embarrassing. You don’t have evidence of an iOS exploit, you have a screenshot of some guy claiming to have an exploit.”
When asked if it’s better to be “safe than sorry,” Beau argued that Trust Wallet’s warning could cause panic-induced harm. The company’s X post attracted significant attention, with more than 1.2 million users viewing the alert within the first four hours of publication.
In response to another skeptical comment from cryptocurrency analyst foobar, Trust Wallet revealed that it obtained the information from its “security team and partners” who constantly scan for threats.
This alleged zero-day exploit threat comes shortly after Apple released emergency security updates last month to patch two iOS zero-day vulnerabilities that were exploited in attacks on iPhones.
According to security researchers at Kaspersky, hackers have already used Apple’s iMessage app as an attack vector in previous events.
Source: https://www.criptofacil.com/trust-wallet-alerta-usuarios-do-apple-ios-sobre-vulnerabilidade-do-imessage/
