- Trust Wallet has raised the alarm about a reported iMessage vulnerability.
- The identified iMessage exploit poses a risk to the crypto industry.
- Safety measures ensure protection against the loss of assets.
Hacks and scams have long plagued the crypto industry, central to the relentless threat of malicious actors to constantly target the asset class for selfish gain. Only four months into this year, more than 223 on-chain security exploits have occurred, leading to a loss of approximately $503 million.
The increasing threat has put security experts on high alert to ensure protection against exploits, and Trust Wallet is joining in with a warning.
Trust Wallet Cites iMessage Vulnerability
On Tuesday, April 16, Trust Wallet alerted the crypto industry to a high-risk security vulnerability targeting iOS users.
Sponsored
According to Trust Wallet, The “zero-day” exploit was first detected in an auction on the dark web, where a hacker was offering to sell intel for $2M.
While the alert raised questions about the legitimacy of Trust Wallet’s claims, the firm doubled down on its source’s credibility, asserting the vulnerability on iOS devices and the potential danger associated with it.
How Does the Reported Exploit Work?
The iMessage zero-day vulnerability is a remote code execution (RCE), a security flaw that allows unauthorized individuals to control unsuspecting victims’ devices without physical access.
Described as “zero-click,” the reported exploit’s sophistication permits malicious actors to initiate attacks and seize assets without any requiring action from the victim, such as clicking compromised links, inputting passwords, or downloading harmful data.
The dark web display highlighted that the iMessage exploit supports over 17 iOS versions, underscoring the danger it poses if exploited.
Who Does the iMessage Vulnerability Affect?
The flagged vulnerability is not exclusive to Trust Wallet users. When the iMessage feature is turned on, it poses a risk to all iOS users.
Trust Wallet emphasized that high-value investors with robust crypto holdings are prime targets. However, malicious actors are known to target every wallet, making the broader industry susceptible to the threat.
How to Stay Safe
While there has been no official confirmation from the involved firm, we advise users to implement safety practices across all devices to prevent exposure to the flagged exploit. To do this, follow these simple steps to adjust your iOS settings:
- Go to Settings: Open your device and locate the Message application. You can do this by scrolling through your application list or using the search function.
- Disable iMessage Feature: Toggle the switch next to the icon to switch the feature off. This action does not restrict your ability to communicate. Still, it automatically reverts your settings to the regular messaging option, enabling you to share and receive texts without risking vulnerability to the exploit.
- Maintain iMessage Off Until Further Notice: Maintaining vigilance and applying security practices pending official clearance from the involved parties is important. As such, users are advised to stick with the settings update until further notice from Apple or security experts.
- Exercise Caution: The identified vulnerability is described as a “remote code execution” (RCE). However, users are urged to avoid unusual interactions such as clicking on suspicious links, especially those received via messages or emails.
Adjusting these settings can reduce vulnerability to potential exploits and safeguard your assets from theft.
On the Flipside
- The $503 million lost in Q1 2024 to hacks and scams is a 54% increase in the value lost in 2023 Q1, $326 million.
- On April 9, blockchain CertiK alerted the industry of a vulnerability in the Telegram social messaging platform.
- Ethereum Layer 2 Chain users are facing increasing security threats as experts warn of over three rugpull projects.
Why This Matters
The increasing number of warnings regarding vulnerabilities in messaging platforms across the industry highlights the susceptibility of digital communication platforms to security threats, underscoring the importance of adhering to safety measures to mitigate associated risks and prevent potential exploits.
Read more on Telegram’s assurance against the exploit and CertiK’s insistence:
CertiK Doubles Down on Finding Telegram Exploit
The SUI token is recovering from the weekend crypto crash. Read here to discover how:
SUI Rises 14% in a Single Day as Crypto Market Crash Calms