Trust Wallet, a leading provider of crypto wallets, has issued an advisory to Apple users regarding potential iMessage vulnerability. The warning stems from credible intelligence indicating the presence of a zero-day exploit in the iOS iMessage platform, available for purchase on the dark web for a staggering $2 million.
According to Trust Wallet, this iMessage zero-day exploit poses a threat as it allows hackers to gain control of iPhones without any interaction from the user. Unlike traditional exploits that require clicking on malicious links or downloading infected files, this exploit operates seamlessly, making it especially threatening for high-value targets.
Trust Wallet Issues Warning about iOS iMessage Vulnerability
While Trust Wallet’s alert has raised questions about iOS security, with some probing the authenticity of the intelligence shared by CEO Eowyn Chen, the company stands by its warning.
Trust Wallet emphasizes that the information is sourced from its security team and trusted partners, highlighting the urgency of the situation amidst growing concerns about cybersecurity, particularly within the blockchain ecosystem.
The advisory advises iOS users to take immediate action to safeguard their devices by disabling iMessage until Apple addresses the vulnerability with a security patch.
Disabling iMessage can be done through the Settings menu, under Messages, by toggling the iMessage option off. Trust Wallet reassures users that their security remains a top priority, urging vigilance until the issue is resolved.
CEO Eowyn Chen has shared a screenshot purportedly depicting the zero-day exploit for sale, highlighting the gravity of the situation.
The Cyber Express has also reached out to Apple to learn more about this iMessage vulnerability. However, at the time of writing this, no official statement or response has been received regarding the iMessage vulnerability. Consequently, new threat actors have started posting about the iMessage exploit and selling the same on hacking forums, creating a chain-reaction of threat actors levering the exploit for sales.
The Recent Apple Vulnerabilities
In light of these developments, users are advised to exercise caution and remain vigilant against potential threats, particularly as hackers continue to exploit these Apple vulnerabilities.
Previously, academic researchers from five different universities revealed a newly discovered vulnerability in Apple’s M-series chips, allowing attackers to extract secret keys from Macs during cryptographic operations.
This flaw, inherent in the silicon’s design, cannot be directly patched. Instead, it requires third-party cryptographic software defenses, potentially slowing M-series performance. The vulnerability stems from the chips’ prefetcher, which predicts data access, inadvertently leaking key material.
Dubbed “GoFetch,” the attack can extract various key types in relatively short timeframes. Exploiting normal user privileges, GoFetch mines secrets while running alongside targeted applications.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
