Caution Warranted: More Evidence Needed on Trust Wallet's iMessage Vulnerability Claim The recent warning from Trust Wallet about a purported zero-day vulnerability in Apple's iMessage has raised concerns within the crypto community. While the startup claims to have "credible intel" about a high-risk attack vector targeting iPhone and iOS users, the available information raises more questions than answers. Trust Wallet's alert suggests that dark web hackers have discovered an exploit that can infiltrate iOS devices through the default iMessage app, without users needing to click on any links[1][2][3]. The company has advised iPhone and iPad owners to completely disable iMessage as a precautionary measure until Apple addresses the issue[1][2][3]. Trust Wallet has not provided specific details on the source of its "credible intel" or whether any actual crypto losses have been reported by users[1][2][3]. This lack of transparency makes it difficult to assess the severity and veracity of the claimed vulnerability. Furthermore, the broader security community has expressed skepticism about Trust Wallet's claims. Beau, a blockchain researcher, has criticized the company for "overestimating the confidence level" and noted that they only have a screenshot of someone claiming to have an exploit, rather than concrete proof[2][3]. This suggests the evidence may not be as robust as Trust Wallet has implied. It is also worth noting that Apple has not yet addressed or denied the claims made by Trust Wallet[1][2][3][4][5]. While the potential implications of a genuine iMessage vulnerability are concerning, the available information is insufficient to conclusively determine the legitimacy of Trust Wallet's alert. Users should exercise caution and wait for more concrete evidence or a response from Apple before taking any drastic measures, such as disabling iMessage entirely. It is important to note that Apple has not been without its share of zero-day iOS vulnerabilities in the past[1]. This underscores the need for a thorough investigation and verification of the claims made by Trust Wallet to ensure the safety and security of iOS users. Sources [1] Trust Wallet warns Apple iOS users of iMessage vulnerability https://lnkd.in/g_qFzZSg [2] Trust Wallet Warns Apple iOS Users of iMessage Vulnerability - CoinMarketCap https://lnkd.in/gJug2gu2 [3] Trust Wallet warns iOS users of zero-day exploit - Cybernews https://lnkd.in/gsqUUNsQ [4] A crypto wallet maker's warning about an iMessage bug sounds like a ... https://lnkd.in/gyr8Tyi9 [5] iPhone users warned about iMessage exploit, but it could be fake https://lnkd.in/gxFFCQVg
Peter Makohon’s Post
More Relevant Posts
-
🔒 Protecting Your Crypto: Trust Wallet Warns of Apple iOS iMessage Vulnerability #️⃣ Security Alert 🔒 Trust Wallet, backed by Binance, issued a warning about a high-risk attack vector targeting iPhone and iOS users through Apple iMessage. 🔍 According to Trust Wallet, dark web hackers are exploiting a zero-day exploit in Apple's default messenger, posing a significant threat to users' crypto assets. The vulnerability has reportedly been present in Apple devices since their inception. 🛡️ While Trust Wallet did not disclose the source of the information or any instances of crypto losses, they advised users to disable iMessage until a fix is implemented. Apple has yet to respond to or refute these claims. 🔗 The National Institute of Standards and Technology (NIST) has previously investigated Trust Wallet due to security flaws in its iOS version, highlighting the importance of prompt security measures. #️⃣ #TrustWallet #AppleVulnerability #iOS #CryptoSecurity #ZeroDayExploit
Trust Wallet warns Apple iOS users of iMessage vulnerability
https://crypto.news
To view or add a comment, sign in
-
Google announced Tuesday, August 17th the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. FIDO2 is the newest set of specifications from the FIDO Alliance. It enables the use of common devices to authenticate to online services on both mobile and desktop environments, using unique cryptographic login credentials for every site. Essentially, FIDO2 is passwordless authentication. The development comes less than a week after the tech giant said it plans to add support for quantum-resistant encryption algorithms in Chrome 116 to set up symmetric keys in TLS connections. Last year, NIST has chosen the first group of encryption tools that are designed to withstand the assault of a future quantum computer. Three of the selected algorithms by NIST are based on a family of math problems called structured lattices, while SPHINCS+ uses hash functions. One of the earliest blockchain projects to tackle this problem was the QRL (Quantum Resistant Ledger) project, launched in 2018, with a blockchain that utilizing the eXtended Merkle Signature Scheme (XMSS), a hash-based digital signature scheme considered to be quantum-resistant. My two cents here, why NIST and tech giants are not collaborating to come up with market friendly quantum safe cryptography solutions that consider the required economic evolution of consumers’ endpoints hardwares?!!!
Google Introduces First Quantum Resilient FIDO2 Security Key
thehackernews.com
To view or add a comment, sign in
-
Are we at the dawn of Quantum E-commerce? Could the Quantum Internet mitigate online security risks with a demonstration of 1-second Quantum transactions? Recent Research from Chinese scientists suggests in a recent demonstration that Quantum E-commerce may pave the way for secure transactions online. Much of the world depends on the internet for transactions which include everything from banking to commerce. However, security experts have often railed against the security of the current system from different attack vectors that range from quantum computing to brute force attacks. Researchers from China have created an entire quantum e-commerce scheme that is thought to be resistant to attacks. https://lnkd.in/e2hhpUNR
Are we at the dawn of Quantum E-commerce? Could the Quantum Internet mitigate online security risks with a demonstration of 1-second Quantum transactions?
http://quantumzeitgeist.com
To view or add a comment, sign in
-
How Does Nym Compare To Other Privacy System These days, third parties are able to watch your traffic in order to find out what services you use, who you communicate with, and when. It is feasible to track your communications activity even when you use an encrypted messaging program like WhatsApp, Telegram, or Signal. This is the issue with privacy at the network level, or layer 0 #privacy. On the blockchain level, cryptocurrencies like ZCash, Monero, and Mimblewimble can accomplish privacy, but on the network level, timing and associated metadata might deanonymize transactions. This holds true for every zero-knowledge proof scheme applied on a single degree of isolation. VPNs seem to be the answer to this issue, but they require the user to entrust the VPN provider with their data, and the anonymity they provide might be compromised by adversaries who can see the VPN's entrance and exit points. Although Tor and I2P offer a more complex multi-hop solution, they are not anonymous to end-to-end network attackers, making them vulnerable to powerful opponents who can monitor the entire network or just its entry and exit points. Tor, as opposed to #Nym, does not mix packets or produce cover traffic because it is designed for low-latency web browsing. ➡️ WHY #MIXNET A mixnet, like Tor, offers multiple hops, but additionally introduces temporal obfuscation through random delays and cover traffic to prevent user identification based on the patterns of their network activity. Our mixnet employs the Sphinx packet structure, just like Lightning, to make every communication the same length and bitwise unlinkable. A probability distribution that can be matched to provide the latency required for a certain use-case determines how long a packet is delayed. The Nym mixnet also offers a potent combination of performance and usability capabilities that other mixnets do not. SURBs provide bidirectional anonymous communication across the mixnet, and the Nym mixnet ensures that messages are received, can be re-sent as needed, and are received within a time range users find acceptable. When Tor was developed in the early 2000s, the internet was too sluggish for mixnets to operate at a reasonable pace for daily use. Today, faster development times for mix-networking without scaling constraints are feasible thanks to improved performance and a cutting-edge mixnet architecture created by the Nym team. One benefit of the Nym network is that as the anonymity set expands, the system can get faster and more private rather than slowing down with more users. Get Nym Connect and Safeguard Your Online Privacy 🔒. For More Information, Join and do some research 👇🏼 Web: nymtech.net Discord: discord.gg/Nym Telegram: t.me/nymchan #Web3 #PrivacyLoveCompany
To view or add a comment, sign in
-
-
🔒 Cybersecurity Highlights - Jan 20, 2024 🚨 GPU Vulnerability (LeftoverLocals): Critical flaw in GPUs (Apple, Qualcomm, AMD) exposed by researchers, risking AI data theft. Cybersecurity paradigm shift in the making. 🌐 FTC vs. X-Mode Privacy Showdown: FTC battles X-Mode over location data. A privacy milestone, but are enforcement powers enough? Unraveling data privacy complexities. 🕵️ Comcast's Data Harvesting: Comcast Xfinity's data quest exposed. User info for personalized ads - a fine line between personalization and intrusion. ₿ Bitcoin Anonymity Unveiled (Tracers in the Dark): Exposé shatters Bitcoin anonymity myths. A cryptography grad dismantles transaction privacy illusions. 🎭 CISA's Ivanti VPN Directive: CISA issues urgent Ivanti VPN patch call against state-backed exploits. Geopolitical cybersecurity symphony unfolds. 🐻❄️ Microsoft's Cozy Bear Encounter: Cozy Bear infiltrates Microsoft targeting leadership. Months-long operation exposes persistent threats even for tech giants. 💳 Walmart's Cyber Odyssey: Walmart neglects $1 billion+ in gift card scams. Regulatory dodging and a call for a cybersecurity paradigm shift. 🌏 Myanmar's Trafficking Crisis: Human trafficking fuels Myanmar's civil war. Dark underbelly contributing to geopolitical unrest. 🕸️ Facebook's Surveillance Web: Facebook users entangled in a web of tracking by 2,230+ companies on average. Navigating the intricate data-sharing matrix shaping digital personas. Explore more at WIRED. Vigilance is our shield! 🔐 #CyberSecurityChronicles #TechInsights #DataPrivacyFrontiers #DigitalSecurity
Security News This Week: US Agencies Urged to Patch Ivanti VPNs That Are Actively Being Hacked
wired.com
To view or add a comment, sign in
-
It's been a while since my last quant-pocalypse rant. Candidly, I'm not sure if that's good or bad. I see two possibilities. Best case: no news is good news in that development of quantum supremacy in the crypto space has slowed, forestalling the impending post-quantum implosion of non-quantum proof encryption. Worst case: no news is bad news, indicating that a lot of development has been taken underground and that nefarious groups have developed advanced quantum capabilities. In either case, there is a bit of good news for the post-quantum world. Well ahead of the projected 2035(ish) quantum doomsday, Apple has already started integrating post-quantum safe encryption algorithms for iMessage. This is great news considering that people are sometimes a little lax on the sensitivity of the information they put in their mobile chat applications. Apple is usually an industry trend-setter, so hopefully other messaging services follow suit (although I think technically Signal beat them to PQE). All this said, am I still worried? Yes. But I am just a bit more hopeful that I won't have to shift my secure comms back to tin cans connected by strings...although that would lower my cell phone bill significantly. https://lnkd.in/eVAq877W
Apple Adds Post-Quantum Encryption to iMessage
securityweek.com
To view or add a comment, sign in
-
Are we at the dawn of Quantum E-commerce? Could the Quantum Internet mitigate online security risks with a demonstration of 1-second Quantum transactions? Recent Research from Chinese scientists suggests in a recent demonstration that Quantum E-commerce may pave the way for secure transactions online. Much of the world depends on the internet for transactions which include everything from banking to commerce. However, security experts have often railed against the security of the current system from different attack vectors that range from quantum computing to brute force attacks. Researchers from China have created an entire quantum e-commerce scheme that is thought to be resistant to attacks. https://lnkd.in/edHspCpt
Are we at the dawn of Quantum E-commerce? Could the Quantum Internet mitigate online security risks with a demonstration of 1-second Quantum transactions?
http://quantumzeitgeist.com
To view or add a comment, sign in
-
🚨 Urgent Alert for Apple Mac Users 🚨 Attention all crypto enthusiasts using Apple Macs! A newly identified vulnerability in Apple’s M-series processors has surfaced, posing a serious threat to the security of your digital assets. Reported by Ars Technica and detailed by a group of researchers from leading US universities, this flaw resides deep within the microarchitecture of M-series chips. Dubbed "GoFetch," this vulnerability has the potential to compromise the private keys crucial for securing your cryptocurrencies. The issue arises from a side channel in the chip’s data memory-dependent prefetcher (DMP), designed to enhance computing efficiency. However, this inadvertently allows for the extraction of secret keys during cryptographic operations, putting your digital assets at risk. This attack method, ominously named "GoFetch," doesn’t even require administrative access, making it particularly alarming for users. The researchers warn that even protocols resistant to quantum computing attacks are vulnerable, putting a wide array of cryptographic keys in jeopardy. The implications are grave: a 2048-bit RSA key can be extracted in less than an hour, and a 2048-bit Diffie-Hellman key in just over two hours. Mitigating this vulnerability is challenging due to its hardware-based nature, posing a significant hurdle for both developers and users alike. While Apple has yet to respond publicly to these findings, the tech community and crypto users are eagerly awaiting guidance. In the meantime, be vigilant for software updates addressing this vulnerability. As the crypto community navigates this period of uncertainty, remember to prioritize security and stay informed. Stay tuned for further updates as this story unfolds. https://lnkd.in/gb9DEiVv #Apple #Mac #CryptoSecurity #GoFetchVulnerability #Cybersecurity #DigitalAssets #Cryptocurrency #TechNews
Urgent Alert For Apple Mac Users: Your Cryptos Could Be At Risk
https://bitcoinist.com
To view or add a comment, sign in
-
#5 Key Features of the Secure DeFi Wallets: #Encryption: In the art of securing your DeFi wallet, lies the power of encryption, akin to an invisible wardrobe snugly embracing your assets. It's a mysterious incantation shielding your private keys from any attempts at intrusion and the greedy gazes of adversaries. It's not just protection – it's an unseen shield, summoned to guard your valuables against any cyber-dragons. #Backup: Regular backups of private keys serve as your personal security pledge. Like a backup rod in a spaceship, they stand ready to activate in case of critical failure. Empowered by automation, these duplicates become a clandestine weapon, poised to return your assets to you even in the most extraordinary circumstances. #Security Audit: In this battle against cyber-parasites, security audits are your unwavering ally. It's not just an inspection; it's an illumination of the dark corners of your wallet, like a lightsaber cutting off any potential threats at the roots. It's the guiding star in the world of security, sparkling in the night sky of the cyber-galaxy. #Multi-Factor Authentication: In the realm of DeFi wallets, multi-factor authentication is like a complex system of locks on a safe, each requiring its own unique key. It's not just additional steps; it's insurmountable barriers for those attempting to illegitimately access your assets. It's your cyber-fortification. #Security Updates: Regular security updates are not just technological renovations. It's an energetic wind of change sweeping through your digital corridors, bringing the latest protective measures. It's a living flock of cyber-phoenixes, ready to rise and withstand the most sophisticated cyber-viruses.With love for security, 1inchhttps://lnkd.in/dtXguB5p
1inch: Crypto DeFi Wallet - Apps on Google Play
play.google.com
To view or add a comment, sign in
-
#illegalcryptomining Unathorized cryptomining is a pervasive issue for companies with powerful infrastructures and weak security measures. In many instances, unauthorized individuals can run this illegal operation for months before they get caught incurring enormous electricity bills, overusing hardware resources, and preventing important security patches from deployment. My patent below protects infrastructures from such illegal activities https://lnkd.in/eAKRWVMG
US11159407B2 - Detection of unauthorized cryptomining - Google Patents
patents.google.com
To view or add a comment, sign in