Trust Wallet warns of zero-day vulnerability in iMessage! Urges users to stop using the app, criticized for spreading panic
Wallet provider Trust Wallet issued a tweet early this morning warning of a zero-day vulnerability in iMessage that hackers could exploit, potentially leading to a complete takeover of users' phones. The company urged iOS users to immediately disable the app. However, this move has faced criticism from industry insiders who accuse the company of spreading unverified rumors and creating unnecessary panic.
1/2: ⚠️ Alert for iOS users: We have credible intel regarding a high-risk zero-day exploit targeting iMessage on the Dark Web.
This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk. #CyberSecurity
— Trust Wallet (@TrustWallet) April 15, 2024
Table of Contents
Trust Wallet Reports Zero-Day Vulnerability in iMessage
Trust Wallet has cited a "trusted source" from the dark web indicating a high-risk Zero Day vulnerability in iMessage, potentially exposing users' phone data:
We advise taking immediate precautions against this vulnerability, including disabling iMessages in settings until Apple addresses the issue.
Furthermore, they added, "All wallets storing cryptocurrencies on iPhones with iMessage enabled are at risk."
The CEO of the company, Eowyn Chen, also shared a screenshot on their X platform of a potential Zero-Day vulnerability, showing the exploit code's price on the dark web is $2 million.
Threat intel detected an iOS iMessage zero-day exploit for sale in the Dark Web. It is a zero click exploit to take over control of the phone via iMessages. Its asking price is $2M. This would make sense for very high value individual targets, as more the zero-day is used,… https://t.co/KTKgW6uCuv pic.twitter.com/6ULRgVSxjc
— Eowync.eth (@EowynChen) April 15, 2024
Our alert system reports that someone is selling an iOS iMessage Zero-Day exploit on the dark web for $2 million, posing the greatest threat to users with significant assets.
Source Questioned: Causing Panic?
However, some users doubt the alleged threat and warnings, pointing out the lack of evidence and reliable sources.
Beau, security manager of the renowned NFT project Pudgy Penguins, wrote in a tweet below:
Have you confirmed the hacker's capability? Or confirmed that someone is indeed selling an exploit for $2 million? The choice of words is crucial, and the difference is significant.
Another blockchain researcher, Foobar, criticized this stating:
This is merely an AI-generated image. You randomly stumbled upon a screenshot claiming to sell exploits on a forum, and without any other evidence or investigation, made an unverified claim.
As of the deadline, over 2.4 million X users viewed the warning tweet within 12 hours; Trust Wallet also supplemented that the information came from their "security team and partners" who continuously monitor threats.
IOS System Targeted by Hackers
Apple's IOS system has often been found to have vulnerabilities and is a frequent target for hackers; security firm Kaspersky Research previously discovered vulnerabilities related to iMessage.
Just last month, the cybersecurity company Halborn also highlighted in a security report that over 280 blockchains are currently at risk of Zero-Day vulnerabilities, potentially leading to at least $25 billion in asset losses.
Apple has already released emergency updates for 2 iOS vulnerabilities related to iPhones last month.
iPhone iOS 16.6 Vulnerability Alert! Update to the latest version, CZ: Keep SAFU