Binance-backed Trust Wallet cited “credible intel” pointing to a high-risk attack vector that hackers can deploy via Apple iMessage.
The self-custodial crypto wallet provider said dark web hackers target iPhone and iOS users through a zero-day exploit on Apple’s default messenger. Trust Wallet’s alert suggested that the exploit corridor has been on the tech giant’s device since day one.
However, the startup did not specify who provided the information or if users had incurred any crypto losses.
Trust Wallet recommended turning off iMessage completely from Apple settings to mitigate the issue pending a code fix. At press time, the Silicon Valley heavyweight had neither addressed nor denied the claims.
The National Institute of Standards and Technology (NIST), a branch of the United States Department of Commerce, previously reported investigations into the Binance-owned application, citing a security flaw noticed in its iOS version.
Apple caught in crypto crosshair
Trust Wallet is the second crypto wallet solution to warn users about this month’s Apple-related issue. As crypto.news previously reported, Bitcoin (BTC) wallet UniSat notified users of a fake version of its decentralized storage solution on the iOS app store.
Last month, the crypto community was aware of a side-channel attack vector, GoFetch. This vulnerability allowed bad actors to steal cryptographic keys due to a CPU cache bug in Apple’s M1, M2, and M3 MacBook computer chips.
The company acknowledged the issue, but details on a security patch have yet to surface. As a precaution, industry voices like Errata Security CEO Robert Graham advised users with substantial crypto holdings to move assets off iOS devices.
