Zero-Day threat: Trust Wallet warns iOS users about the danger
Trust Wallet, a well-known cryptocurrency wallet provider, has issued a warning to Apple users about a high-risk zero-day attack that targets the iMessage messaging app. The company claims that the exploit, which is reportedly being sold on the DarkNet for $2 million, can infiltrate and take control of users’ iPhones without them having to click on any links.
What is Zero-Day Exploit?
A zero-day exploit is a cyberattack that takes advantage of a previously unknown vulnerability in software or hardware before the manufacturer has had time to detect and fix it. Zero-day vulnerabilities can go undetected for a long time, leaving systems and networks open to attack. Zero-day exploits are particularly dangerous because they can cause damage before vendors can apply patches or protections.
Trust Wallet’s reaction
Trust Wallet CEO, Eowyn Chen, shared a screenshot of the “high-risk” exploit being sold on the Darknet, further highlighting the potential threat. She emphasised that high-value account holders are the most vulnerable, and that all cryptocurrency wallets on iPhones with iMessage enabled are at risk of attack.
However, after the publication, the authenticity of the claimed exploit was questioned by several industry experts, who said that Trust Wallet had no evidence of an iOS exploit.
How do clickless exploits work?
- Vulnerability identification
The first step in a zero-click exploit is to identify a vulnerability; these are often found in popular email or messenger applications. Attackers analyse the software for weaknesses that can be exploited for unauthorised access.
- Attack development
Once a vulnerability has been identified, attackers create a special message or call aimed at exploiting this weakness. This step includes careful planning and testing of the attack to ensure its effectiveness.
- Remote infection
The exploit can allow hackers to infect a device through emails or messages that consume excessive amounts of memory. Simply receiving such an email or message can lead to infection.
- Discreet operation
The malicious email, message, or call that initiates an exploit is not necessarily stored on the victim’s device. It may be designed to delete itself after successful execution, further concealing the source of the attack.
- Access and control
As a result of an exploit, attackers can gain control of a compromised device. This includes the ability to read, edit, leak or even delete messages.
Attacks can be launched against network data packets, authentication requests, text messages, MMS, voicemails, video conferencing sessions, phone calls, or messages through platforms such as Skype, Telegram or WhatsApp. The main goal is to exploit a vulnerability in the code of the application responsible for data processing.
Protection against cyber attacks
In today’s rapidly changing digital landscape, zero-click exploits have become one of the most stealthy and powerful tools for cyber espionage. Mitigating the risks associated with zero-click exploits is challenging, but applying best practices and staying informed and vigilant can provide an extra layer of protection against these hidden cyber threats. With tools such as the Dark Web News module from SOCRadar, you can at least get an idea of zero-click exploits.
With the Attack Surface Management module, you can also identify vulnerabilities in your own mobile application at both the development and production stages. This approach will allow you to fully control the protection of both your employees and customers from potential exploitation of mobile devices.