Trust Wallet, a crypto wallet owned by the crypto exchange Binance, has issued a warning that hackers may be targeting iPhone's iMessage.
The so-called "zero-day" exploit could allow attackers to steal users information, messages and cryptocurrency—though the exploit itself could be a scam.
Sign up now for the free CryptoCodex—A daily five-minute newsletter for traders, investors and the crypto-curious that will get you up to date and keep you ahead of the bitcoin and crypto market bull run
ANKARA, TURKIYE - MARCH 06: In this photo illustration, logo of Apple iMessage is displayed on a ... [+]
"We have credible intel regarding a high-risk, zero-day exploit targeting iMessage on the dark web," Trust Wallet's X account posted. "This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk."
So-called zero-day exploits mean the developer, in this case Apple, has no time to fix the vulnerability.
Trust Wallet recommended users take "action to guard against this iMessage exploit," advising people to "disable iMessage ASAP until Apple patches this."
However, the hacking software is being sold on a dark web site called CodeBreach Lab for $2 million worth of bitcoin. There is no evidence that it works or that anyone has bought it, as TechCrunch pointed out.
"Threat intel detected an iOS iMessage zero-day exploit for sale in the dark web," Trust Wallet's chief executive Eowyn Chen posted to X.
"It is a zero-click exploit to take over control of the phone via iMessages. Its asking price is $2 million. This would make sense for very high value individual targets, as more the zero-day is used, more likely it is caught in the wild by researchers."
This reporter reached out to Apple about the alleged iPhone exploit but has not received a response.
