Share this article
Trust Wallet, a leading crypto wallet provider, is advising Apple users to disable iMessage due to “credible information” regarding a high-risk zero-day exploit targeting the messaging app.
The company claims the exploit, which is reportedly being sold on the dark web for $2 million, can infiltrate and take control of iPhone users without them needing to click a link.
1/2: ⚠️ Alert for iOS users: We have credible information regarding a high-risk zero-day exploit targeting iMessage on the Dark Web.
It can infiltrate your iPhone without clicking any links. High value targets are likely. Each use increases the risk of detection. #Cybersecurity
– Trust Wallet (@TrustWallet) April 15, 2024
A zero-day exploit is a cyberattack that exploits a previously unknown software or hardware vulnerability before the vendor has had a chance to remediate it. These exploits can be particularly dangerous because they can go unnoticed for an extended period of time, leaving systems and networks vulnerable to attack.
Trust Wallet highlighted that high-value account holders are most at risk and that any crypto wallets held on an iPhone with iMessage enabled are vulnerable to the exploit. The company's CEO, Éowyn Chen, shared a screenshot of the supposedly “high-risk” exploit being sold on the dark web, further highlighting the potential threat. There has been no confirmation of
However, the authenticity of the alleged zero-day exploit has sparked skepticism from several industry experts. Beau, pseudonymous blockchain researcher critical the evidence provided by Trust Wallet, indicating:
“If this is your 'credible information,' it's embarrassing. You have no proof of an iOS exploit, you have a screenshot of a guy claiming to have an exploit.
When asked if it's “better to be safe than sorry,” Beau said Trust Wallet's alert could cause panic-induced damage. The company's post on X generated considerable attention, with more than 1.2 million users viewing the alert within four hours of its publication.
In response to another skeptical comment from crypto analyst foobar, Trust Wallet revealed that its information came from its “security team and partners” who constantly check for threats.
This alleged zero-day exploit threat follows Apple's release of emergency security updates last month to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. According to security researchers at Kaspersky, Apple's iMessage app has been used as an attack vector by hackers in previous events. In February, Curve Finance also warned of a fake app on the App Store impersonating its product and platform.
Share this article