Binance-backed Trust Wallet cited “credible intel” pointing to a high-risk attack vector that hackers can deploy via Apple iMessage.
The self-custodial crypto wallet provider said dark web hackers target iPhone and iOS users through a zero-day exploit on Apple’s default messenger. Trust Wallet’s alert suggested that the exploit corridor has been on the tech giant’s device since day one.
However, the startup did not specify who provided the information or if users had incurred any crypto losses.
Trust Wallet recommended turning off iMessage completely from Apple settings to mitigate the issue pending a code fix. At press time, the Silicon Valley heavyweight had neither addressed nor denied the claims.
2/2: 🚨 Recommended action to guard against this iMessage exploit; disable iMessages ASAP until Apple patches this. Navigate to Settings -> Messages -> toggle iMessage off. Maintain this precaution until Apple issues a security patch. Your security is our priority. Stay #SAFU…
— Trust Wallet (@TrustWallet) April 15, 2024
The National Institute of Standards and Technology (NIST), a branch of the United States Department of Commerce, previously reported investigations into the Binance-owned application, citing a security flaw noticed in its iOS version.
You might also like: Trust Wallet discloses Jan. 17 third-party breach
Apple caught in crypto crosshair
Trust Wallet is the second crypto wallet solution to warn users about this month’s Apple-related issue. As crypto.news previously reported, Bitcoin (BTC) wallet UniSat notified users of a fake version of its decentralized storage solution on the iOS app store.
Last month, the crypto community was aware of a side-channel attack vector, GoFetch. This vulnerability allowed bad actors to steal cryptographic keys due to a CPU cache bug in Apple’s M1, M2, and M3 MacBook computer chips.
The company acknowledged the issue, but details on a security patch have yet to surface. As a precaution, industry voices like Errata Security CEO Robert Graham advised users with substantial crypto holdings to move assets off iOS devices.
Read more: Apple draws crypto criticism again: what you need to know