iPhone users warned to disable iMessage temporarily to avoid getting hacked | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Trust Wallet, a decentralized wallet owned by cryptocurrency exchange Binance has warned iOS users about an iMessage security flaw that hackers can use to hack their iPhones without any interaction with them.

The company wrote on X that they have credible intel about a zero-day iMessage exploit. A zero-day exploit is when cybercriminals discover an unaddressed vulnerability. A hacker is selling the exploit for $2 million on the dark web.
Per the X posts, hackers can access a victim’s iPhone without any input or interaction from them. Though anyone can be a target, high-value targets are especially at risk.

Trust Wallet has advised users to disable iMessage until Apple issues a fix.

Should you turn off your iMessage until a patch is released? 

TechCrunch doesn’t think you need to, unless you consider yourself a high-risk user.

The outlet believes that Trust Wallet is over-reacting and notes that there is no evidence that the exploit exists.

The intel that Trust Wallet claims to have received and verified is an ad on the dark web on a website named CodeBreach Lab. Finding and developing zero-click zero-day is a tough task and CodeBreach Lab’s typo-ridden and unheard-of website doesn’t inspire confidence that it’s capable of creating such an exploit.

TechCrunch even tried to buy the exploit and found out that the website required buyers to send $2 million in Bitcoin to a wallet address on the public blockchain. The publication found that nobody had done that.

CodeBreach Lab is probably trying to scam people out of cryptocurrency and Trust Wallet trusted it too much…

If you want to be on the safe side, you should consider turning on Lockdown Mode instead of disabling iMessage. It’s a mode that has been designed to protect users from ‘extremely rare and highly sophisticated cyber attacks.’ Apple says no one has been able to hack its devices in Lockdown Mode.


Click Here For The Original Story From This Source.


National Cyber Security