Apple has hurriedly released security patches addressing two zero-day vulnerabilities. These vulnerabilities, discovered just this week, have raised alarm over potential misuse by attackers aiming to acquire cryptocurrencies and non-fungible tokens (NFTs) illicitly.
Table of Contents
Update devices immediately!
A revelation by the spyware research team at Citizen Lab brought the previously unknown hacking technique to light. The group responsibly informed Apple about the vulnerabilities before going public with their findings in a detailed blog post.
In response, Changpeng “CZ” Zhao, CEO of the prominent cryptocurrency exchange Binance, took to Twitter with a clear and concise warning. He urged iPhone, iOS, and iPadOS users to “immediately” update their devices to remain secure.
The zero-click vulnerability, which doesn’t require the victim to take any action for the exploit to work, was reportedly used to install the notorious Pegasus spyware onto an iPhone. The affected device belonged to an employee of a Washington DC-based civil society organization, as indicated by the Citizen Lab’s report.
The malicious technique exploited PassKit, a foundational component for iPhone’s Apple Pay and Wallet applications. Through this, attackers could send harmful images via iMessage to unsuspecting victims.
Confirming the threat level, Citizen Lab researchers stated that the vulnerability could breach iPhones using the newest iOS (16.6) without any user action. Citizen Lab’s senior researcher, John Scott-Railton, lauded the role of civil society in highlighting this critical issue:
“Once more, civil society is serving as the cybersecurity early warning system for billions of devices around the world. Including you, if you’re reading this on your iPhone. Or Mac.”
Apple stock experiences a steep drop
In the backdrop of this urgent security update, Apple’s stock (AAPL) experienced a sell-off. As the world anticipates the launch of the newest iPhone iteration on September 12, Apple’s market value has plummeted by approximately $200 billion. This decline was further exacerbated by the Chinese government’s restrictive measures on iPhone use.