On 2024-04-18, Mickey D <mickeydavis078XX@ptd.net> wrote:
The recommendation by Trust Wallet is to disable iMessage
Yes, everyone should definitely disable iMessage based on a questionable
and unverified claim that totally isn't bogus:
A crypto wallet maker’s warning about an iMessage bug sounds like a false alarm
<https://techcrunch.com/2024/04/16/a-crypto-wallet-makers-warning-about-an-imessage-bug-sounds-like-a-false-alarm/>
---
Lorenzo Franceschi-Bicchierai, 11:51 AM PDT, April 16, 2024
A crypto wallet maker claimed this week that hackers may be targeting
people with an iMessage “zero-day” exploit — but all signs point to an
exaggerated threat, if not a downright scam.
Trust Wallet’s official X (previously Twitter) account wrote that “we
have credible intel regarding a high-risk zero-day exploit targeting
iMessage on the Dark Web. This can infiltrate your iPhone without
clicking any link. High-value targets are likely. Each use raises
detection risk.”
The wallet maker recommended that iPhone users turn off iMessage
completely “until Apple patches this,” even though no evidence shows
that “this” exists at all.
The tweet went viral, and has been viewed over 3.6 million times as of
our publication. Because of the attention the post received, Trust
Wallet, which is owned by crypto exchange Binance, hours later wrote a
follow-up post. The wallet maker doubled down on its decision to go
public, saying that it “actively communicates any potential threats and
risks to the community.”
When reached by email, Trust Wallet’s John Broadley declined to provide
TechCrunch with evidence of the company’s claim. Trust Wallet Chief
Information Security Officer Eve Lam reiterated the company’s advice to
users, also without providing evidence for the claim that there’s an
imminent threat.
Apple spokesperson Scott Radcliffe declined to comment when reached
Tuesday.
As it turns out, according to Trust Wallet’s CEO Eowyn Chen, the “intel”
is an advertisement on a dark web site called CodeBreach Lab, where
someone is offering said alleged exploit for $2 million in bitcoin
cryptocurrency. The advert titled “iMessage Exploit” claims the
vulnerability is a remote code execution (or RCE) exploit that requires
no interaction from the target — commonly known as a “zero-click” exploit
— and works on the latest version of iOS. Some bugs are called zero-days
because the vendor has no time, or zero days, to fix the vulnerability.
In this case, there is no evidence of an exploit to begin with.
A screenshot of the dark web ad claiming to sell an alleged iMessage
exploit. Image Credits: TechCrunch
RCEs are some of the most powerful exploits because they allow hackers
to remotely take control of their target devices over the internet. An
exploit like an RCE coupled with a zero-click capability is incredibly
valuable because those attacks can be conducted invisibly without the
device owner knowing. In fact, a company that acquires and resells
zero-days is currently offering between $3 to $5 million for that kind
of zero-click zero-day, which is also a sign of how hard it is to find
and develop these types of exploits.
Given the circumstances of how and where this zero-day is being sold,
it’s very likely that it is all just a scam, and that Trust Wallet fell
for it, spreading what people in the cybersecurity industry would call
FUD, or “fear, uncertainty and doubt.”
Zero-days do exist, and have been used by government hacking units for
years. But in reality, you probably don’t need to turn off iMessage
unless you are a high-risk user, such as a journalist or dissident under
an oppressive government, for example.
It’s better advice to suggest people turn on Lockdown Mode, a special
mode that disables certain Apple device features and functionalities
with the goal of reducing the avenues hackers can use to attack iPhones
and Macs.
According to Apple, there is no evidence anyone has successfully hacked
someone’s Apple device while using Lockdown Mode. Several cybersecurity
experts like Runa Sandvik and the researchers who work at Citizen Lab,
who have investigated dozens of cases of iPhone hacks, recommend using
Lockdown Mode.
For its part, CodeBreach Lab appears to be a new website with no track
record. When we checked, a search on Google returned only seven results,
one of which is a post on a well-known hacking forum asking if anyone
had previously heard of CodeBreach Lab.
On its homepage — with typos — CodeBreach Lab claims to offer several
types of exploits other than for iMessage, but provides no further
evidence.
The owners describe CodeBreach Lab as “the nexus of cyber disruption.”
But it would probably be more fitting to call it the nexus of
braggadocio and naivety.
TechCrunch could not reach CodeBreach Lab for comment because there is
no way to contact the alleged company. When we attempted to buy the
alleged exploit — because why not — the website asked for the buyer’s
name, email address, and then to send $2 million in bitcoin to a
specific wallet address on the public blockchain. When we checked,
nobody has so far.
In other words, if someone wants this alleged zero-day, they have to
send $2 million to a wallet that, at this point, there is no way to know
who it belongs to, nor — again — any way to contact.
And there is a very good chance that it will remain that way.
---
Believe the Trust Wallet FUD, folks! RUN, don't walk, to your nearest
fallout shelter! The sky is on fire! Trust us!
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.
JR