Crypto wallet provider Trust Wallet is advising Apple users to disable iMessage due to concerns about a possible zero-day exploit that could allow hackers to take control of users’ iPhones. Trust Wallet posted an alert on X on April 16, citing “credible intel” regarding a high-risk zero-day exploit targeting iMessage on the Dark Web.
The exploit can infiltrate and compromise iPhones without requiring the user to click on a link, putting high-value account holders at particular risk.
A zero-day exploit takes advantage of unknown or unaddressed security vulnerabilities in software, hardware, or firmware. Trust Wallet warned that all crypto wallets on iPhones with iMessage enabled could be vulnerable.
Trust Wallet’s CEO, Eowyn Chen, shared a screenshot of a potential zero-day exploit with a $2 million asking price.
However, the claim was met with scepticism from industry experts who questioned the authenticity of the evidence, suggesting it was based on a screenshot of someone claiming to have an exploit rather than solid proof of an iOS vulnerability.
Pseudonymous blockchain researcher Beau raised concerns about the potential panic Trust Wallet’s alert could cause. Nonetheless, more than 1.2 million X users viewed Trust Wallet’s alert within four hours of its posting.
A later sceptical comment from crypto analyst foobar led Trust Wallet to reveal that its intel came from its security team and partners who continuously monitor for threats.
Apple did not respond to this statement. This news comes as Apple recently released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones in the previous month.
Apple’s iMessage application has previously been targeted as an attack vector by hackers, according to security researchers at Kaspersky. Furthermore, cybersecurity firm Halborn warned that more than 280 blockchain networks face zero-day exploits that could put at least $25 billion worth of crypto at risk.