A crypto wallet maker has raised concerns about a potential iMessage “zero-day” exploit targeting iPhone users, but there are doubts about the credibility of the threat, with some suggesting it could be a scam.
Trust Wallet’s official X (formerly Twitter) account posted about a high-risk zero-day exploit supposedly targeting iMessage and offered on the Dark Web. The tweet warned that devices could be infiltrated without the user clicking any links and advised users to disable iMessage until Apple issues a fix, despite a lack of concrete evidence that such an exploit exists.
The tweet quickly gained attention, amassing over 3.6 million views. Following the buzz, Trust Wallet issued a follow-up post, standing by its decision to alert the community about potential threats.
Despite requests for comment, Trust Wallet, owned by Binance, did not respond, and Apple declined to comment on the matter.
Further investigation by Trust Wallet’s CEO Eowyn Chen revealed that the questionable “intel” about the alleged exploit was actually an advertisement on CodeBreach Lab, a dark web site offering the exploit for $2 million in bitcoin. The advert claimed the exploit allowed remote code execution on iPhones, though no evidence of the exploit exists.
Remote code execution (RCE) vulnerabilities coupled with zero-click capability are highly sought after by hackers because they allow remote control of a device. While zero-days do exist, turning off iMessage may not be necessary for most users, as high-risk individuals like journalists may be the primary targets.
Instead of disabling iMessage, experts recommend utilizing Lockdown Mode, which enhances device security. Reports indicate that Lockdown Mode effectively reduces vulnerability to hacks on Apple devices.
CodeBreach Lab, the site selling the alleged exploit, raised suspicions due to its lack of credibility and minimal online presence. Attempts to contact the company for verification were unsuccessful, casting doubt on the legitimacy of the exploit.
Given the questionable nature of the exploit and the unverifiable source, it is likely a scam. Users are advised to exercise caution when encountering such claims and prioritize security measures recommended by reputable cybersecurity experts.