
Apple is urging users to promptly update their devices to address a zero-click vulnerability that enables attackers to compromise iPhones, iPads, and Macs. The flaw poses increased risks for cryptocurrency holders.
In a Thursday advisory, Apple disclosed that an issue in image processing permitted sophisticated actors to infiltrate Apple devices. The vulnerability disclosure page indicates that it was rectified as part of the macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2, and iPadOS 18.6.2 updates.
“Apple is aware of reports suggesting that this issue may have been exploited in an exceptionally sophisticated attack against specific targeted individuals,” the company stated.
Cybersecurity experts caution that this flaw is particularly perilous for those involved in cryptocurrency, as they are considerably more vulnerable to cyberattacks. Access to crypto-related systems can directly yield financial gains for attackers through irreversible transactions, thus intensifying their motivation to target this demographic.
Juliano Rizzo, founder and CEO of cybersecurity firm Coinspect, informed Cointelegraph that this zero-click vulnerability requires no user interaction, and “an attachment sent via iMessage can be processed automatically, leading to device compromise.” Attackers could exploit access to these devices to retrieve wallet information.
Apple vulnerability details
This vulnerability affects Apple’s Image I/O framework, which applications use to read and write various image file formats. Because of an implementation flaw, processing a malicious image can cause an out-of-bounds memory write.
In simpler terms, attackers can exploit this vulnerability to write to sections of a device’s memory that should be off-limits. Such an issue, in the hands of a particularly advanced attacker, can undermine device security by granting the ability to execute code on targeted devices.
A device’s memory contains all active programs, including critical ones. Unauthorized memory writes enable attackers to manipulate how other programs function and execute their own commands.
Advice for crypto holders
Rizzo advised high-value targets using vulnerable devices for key storage or signing to transition to new wallet keys if they suspect any compromise or “if there’s evidence of targeting” on the device with stored credentials:
“The specific steps depend on the nature of the attack, but it’s essential to remain calm, document a coherent plan, and begin by securing main accounts (email, cloud) that attackers may exploit for password resets or further access. Timely patching is crucial, but waiting for updates to complete should never delay immediate account lockdown.”
For the average user, Rizzo mentioned that “reviewing system logs might theoretically highlight anomalies, but this data is often challenging to interpret.” He noted that vendors like Apple are well-equipped to detect exploitation and notify affected users directly.
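For anyone responsible for more than one device, the fixed versions listed in the advisory can be turned into a quick patch-level check. The Python below is an added example, not code from Apple, Coinspect or the original article; the device names and inventory rows are constructed sample data, and the status labels are this example's own. It compares versions numerically, which matters here because a plain string comparison would rank 17.7.10 below 17.7.9.

```python
# Added example: patch-level triage against the fixed versions named in the article.
# Status labels and the sample inventory are assumptions made for illustration.

# Minimum fixed version per (platform, major release), taken from the article.
FIXED = {
    ("macOS", 13): (13, 7, 8),    # Ventura
    ("macOS", 14): (14, 7, 8),    # Sonoma
    ("macOS", 15): (15, 6, 1),    # Sequoia
    ("iOS", 18): (18, 6, 2),
    ("iPadOS", 17): (17, 7, 10),
    ("iPadOS", 18): (18, 6, 2),
}

def parse_version(text):
    """Turn '15.6' into (15, 6, 0) so that comparison is numeric, not lexical."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version string: {text!r}")
    return tuple(parts + [0] * (3 - len(parts)))

def classify(platform, version):
    """Return 'patched', 'unpatched' or 'unlisted' for one device."""
    installed = parse_version(version)
    fixed = FIXED.get((platform, installed[0]))
    if fixed is None:
        # The article names no fixed build for this release line: check by hand.
        return "unlisted"
    return "patched" if installed >= fixed else "unpatched"

def triage(inventory):
    """Group device names by status so unpatched devices can be handled first."""
    report = {"patched": [], "unpatched": [], "unlisted": []}
    for name, platform, version in inventory:
        report[classify(platform, version)].append(name)
    return report

# Constructed sample inventory: (device name, platform, installed OS version).
SAMPLE_INVENTORY = [
    ("signing-laptop", "macOS", "15.6"),
    ("ops-macbook", "macOS", "14.7.8"),
    ("treasury-phone", "iOS", "18.6.2"),
    ("old-ipad", "iPadOS", "17.7.9"),
    ("legacy-mini", "macOS", "12.7.6"),
]

if __name__ == "__main__":
    for status, devices in triage(SAMPLE_INVENTORY).items():
        print(f"{status:10s} {', '.join(devices) or '-'}")
```

Devices reported as "unlisted" run a release line for which the article names no fixed build, so their status has to be confirmed against Apple's own security releases page.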
