Cryptocurrency wallet Trust Wallet said it has “credible intel” of zero-day exploit affecting Apple iOS user’s iMessage service. Not all are convinced it’s real, though.
Trust Wallet noted iOS users, saying the exploit would allow attackers to infiltrate targeted iPhone without clicking any links. If confirmed, the zero-day would be comparable to Pegasus spyware, which allows to infiltrate mobile devices and monitor communications.
The crypto wallet provider advised users to disable iMessages “until Apple patches this.” We have reached out to Apple but did not receive a reply before publishing.
According to Trust Wallet’s posts on X, the company discovered a possible iOS zero-day while monitoring the dark web, where attackers on one of the underground forums said they’re selling the exploit for $2 million.
“Trust Wallet is constantly monitoring multiple avenues for any and all security threats to our users, alongside security partners & researchers. We received the intel, which was later confirmed, where a hacker who claimed to have the ability to exploit the iMessage zero-day vulnerability, is asking for $2M on the dark web,” the company said.
Trust Wallet added that the zero-day could affect any iPhone user, not just ones using the company’s services. However, some X users were unconvinced that the exploit exists.
For example, blockchain researcher Beau criticized the company over its claims saying that what Trust Wallet actually has is a “a screenshot of a guy claiming to have an exploit.”
“I don’t care if they want to warn, but they completely overestimated the confidence level they should have,” Beau responded to X user’s remark it’s better be safe than sorry.
In a later post Trust Wallet said it has nothing against Apple, and just wants its users to be safe.
“As many of you have speculated in the comments, we do not. We love iMessage as much as the next person, but we are more so concerned about your security,” the company said.
Your email address will not be published. Required fields are markedmarked