Binance-backed Trust Wallet cited “credible information” pointing to a high-risk attack vector that hackers could deploy via Apple iMessage.
The self-managed cryptocurrency wallet provider said dark web hackers were targeting iPhone and iOS users via a zero-day exploit for Apple’s native Messenger. Trust Wallet’s warning suggested that the exploit conduit had been on the tech giant’s devices from the beginning.
However, the startup did not specify who provided the information or whether users suffered cryptocurrency losses.
Trust Wallet recommended turning off iMessage completely in Apple Settings to alleviate the issue, pending a code fix. At press time, the Silicon Valley giant had not commented or denied the claims.
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) previously reported an investigation into the Binance-owned application, citing security flaws discovered in the iOS version.
Apple caught in cryptocurrency crosshairs
Trust Wallet is the second cryptocurrency wallet solution to warn users about Apple-related issues this month. As crypto.news previously reported, Bitcoin (BTC) wallet UniSat alerted users to a fake version of its decentralized storage solution on the iOS App Store.
Last month, the cryptocurrency community became aware of GoFetch, a side-channel attack vector. The vulnerability allowed malicious actors to steal encryption keys due to a CPU cache bug in Apple’s M1, M2, and M3 MacBook computer chips.
The company has acknowledged the issue, but details about the security patch have not yet been released. As a precautionary measure, industry voices such as Robert Graham, CEO of Errata Security, have advised users with significant cryptocurrency holdings to move their assets off their iOS devices.