Last night, the cryptocurrency wallet provider Trust Wallet warned the entire crypto community by revealing shocking details about a potential fraud that would exploit a vulnerability in the iMessage function of iOS devices.
On the dark web there is evidence of a hacker who would be selling personal information of a user, extracted from an iPhone through iMessage, for 2 million euros.
In the midst of the general turmoil, there have been criticisms from some computer experts who claim the spread of unverified news by Trust Wallet.
Let’s see all the details below.
Summary
Trust Wallet and the alert for an alleged digital fraud exploiting a vulnerability in the iMessage function for iOS devices
Trust Wallet, one of the main providers of solutions for self-custody of cryptocurrencies, yesterday evening launched an alarm that shocked the entire community.
According to alleged “credible information”, the company has announced through a tweet on X that on all devices iOS, more precisely within the iMessage section, there is a vulnerability that could allow hackers to take control of the iPhone.
The most worrying thing about this warning is that, according to what Trust Wallet has reconstructed, there wouldn’t even be a need for user interaction (click on malicious link, malware, etc.) to compromise the device.
The company has emphasized how data from “zero-day” exploits, which exploit a security vulnerability in the software, hardware, or firmware of a computer, are currently being sold on the dark web for 2 million euros, targeting high-end accounts as victims.
Trust Wallet suggests anyone with an iOS phone to disable the “toggle iMessage” function, going through the device settings in the “messages” section.
Even Eowyn Chen, CEO of the same company producing cryptographic wallets, emphasized the seriousness of the situation by showing a screenshot of the ransom requested by a hacker on the dark web for information extracted in this kind of exploit.
According to some security researchers at Kaspersky, Apple’s iMessage application has been used for other cyber attacks in the past.
Now, if the vulnerability is confirmed by the same tech giant, a software update will probably be released to “fix” the problem.
According to the latest estimates, about 280 decentralized networks are currently at risk, with a total capital amounting to 25 billion dollars.
More details on the issue: the company responds after being accused of spreading fake news
The alarm launched by Trust Wallet regarding the alleged “zero-day” exploit that exploits iMessage to target iOS users has received such great media attention that it has fueled the intervention of industry computer experts.
The threat identified by the non-custodial wallet provider has not been welcomed with confidence by several users who have criticized the alleged “reliability” and “truthfulness” of the information disseminated.
In particular, the user “Beau“, who is in charge of security for the NFT project “Pudgy Penguins“, stated that a screenshot of a boy claiming to have an exploit is not a reliable proof of a vulnerability in progress, and that in case of concern the company should have first contacted Apple before spreading unreliable information.
The Trust Wallet post, which received 1.2 million views in four hours on X, according to Beau could bring FUD and unjustified panic within the crypto sector.
Obviously, the CEO of the company did not fail to respond, stating that sometimes it is “better to prevent than to cure.”
Amidst the community debate, another skeptical comment has also come from the cryptographic analyst “Foobar”, who criticized the origin of the “sources“.
Trust Wallet just a few hours after the incident, then published another post in which it tried to explain where the information about the alleged exploit came from, citing a reliable partner team and researchers dedicated to cybersecurity topics.
Reiterating its commitment to protecting the crypto community from any kind of threat, the company stated that:
“Your security is fundamental and we will continue to share risks like this with our users and with the wider cryptographic community.”
The wallet provider then clarified that she is not opposed to Apple products and supports the convenient “iMessage” service, but in delicate situations like these it is better to deactivate the toggle in the settings and limit communication to exchanging messages via SMS or other messaging services.
