-
Apple's latest security update directly hits crypto users
Apple (Nasdaq: AAPL) has issued an alert to its users, urging them to update their devices to address a zero-click vulnerability, which posed a direct threat to crypto users, among others.
On Aug. 20, Apple issued a security release regarding iOS 18.6.2 and iPadOS 18.6.2, as per which it has addressed an image processing vulnerability that let malicious and sophisticated actors exploit the devices and corrupt memory.
The tech giant said, "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals."
The crypto users can be particularly vulnerable to such a cyber threat as they often keep their wallet addresses, keys, and recovery phrases as screenshots on their devices.
While a crypto wallet address is like your digital bank account number for receiving crypto assets, a private key is a long string of characters used to secure and access your assets. A recovery phrase is an ultimate secret backup key that restores access to your wallet.
The wallet address should only be shared while receiving crypto. But one simply can't afford to expose a private key and a recovery phrase because once a bad actor has access to them, your entire crypto holdings are gone.
On June 23, Kaspersky researchers revealed that a new Trojan malware called SparkKitty targeted both iOS and Android smartphones, sending images from infected devices to the malicious actors. The malware was embedded in apps related to crypto and gambling, with crypto users in Southeast Asia and China as its main targets.
Apple's ImageIO framework, subject to the zero-click vulnerability, allowed out-of-bounds memory write access, which posed a similar risk to crypto users.
A crypto user should take all the necessary and latest security measures and preferably remove such sensitive details from their devices.
This article has been published in TheStreet via Yahoo News.
