Tag Archive for: iphone

‘Disable iMessage ASAP’—‘High-Risk’ Alert Issued Over ‘Credible’ iPhone Dark Web Exploit

/in


Trust Wallet, a crypto wallet owned by the crypto exchange Binance, has issued a warning that hackers may be targeting iPhone’s iMessage.

Subscribe now to Forbes’ CryptoAsset & Blockchain Advisor and “uncover blockchain blockbusters poised for 1,000% plus gains” ahead of bitcoin’s looming halving earthquake!

The so-called “zero-day” exploit could allow attackers to steal users information, messages and cryptocurrency—though the exploit itself could be a scam.

Sign up now for the free CryptoCodexA daily five-minute newsletter for traders, investors and the crypto-curious that will get you up to date and keep you ahead of the bitcoin and crypto market bull run

MORE FROM FORBES‘It’s Going To Zero’-Legendary Billionaire Predicts ‘Rapid, Cataclysmic’ U.S. Dollar Collapse And A $5 Trillion Post-Halving Bitcoin Price BoomBy Billy Bambrough

“We have credible intel regarding a high-risk, zero-day exploit targeting iMessage on the dark web,” Trust Wallet’s X account posted. “This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk.”

So-called zero-day exploits mean the developer, in this case Apple, has no time to fix the vulnerability.

Trust Wallet recommended users take “action to guard against this iMessage exploit,” advising people to “disable iMessage ASAP until Apple patches this.”

However, the hacking software is being sold on a dark web site called CodeBreach Lab for $2 million worth of bitcoin. There is no evidence that it works or that anyone has bought it, as TechCrunch pointed out.

“Threat intel detected an iOS iMessage zero-day exploit for sale in the dark web,” Trust Wallet’s chief executive Eowyn Chen posted to X.

“It is a zero-click exploit to take over control of the phone via iMessages. Its asking price is $2 million. This would make sense for very high value individual targets, as more the zero-day is used, more likely it is caught in the wild by…

Source…

Sinister AI ‘eavesdropping’ trick lets ‘anybody read private chats’ on your Android or iPhone, security experts reveal

/in


CYBERCRIMINALS can spy on users’ conversations with artificial intelligence-powered chatbots, experts have warned.

Ever since ChatGPT came out in November 2022, cybersecurity experts have been concerned with the technology.

Criminals can spy on users’ conversations with AI chatbotsCredit: Getty

ChatGPT is an advanced chatbot that can seamlessly complete tasks like writing essays and generating code in seconds.

Today, several chatbots function like ChatGPT, including Google’s Gemini and Microsoft’s Copilot within Bing.

The chatbots are easy to use, and many users quickly get captivated into conversations with the natural-language companions.

However, experts have expressed concerns over users sharing personal information with AI chatbots.

ChatGPT can collect highly sensitive details users share via prompts and responses.

It can then associate this information with a user’s email address and phone number, and store it.

That’s because to use the platform, users need to provide both an email address and mobile phone number.

Users cannot bypass this by using disposable or masked email addresses and phone numbers.

Most read in Phones & Gadgets

As a result, ChatGPT is firmly tied to your online identity as it records everything you input.

What’s more, this private data can also be obtained by cybercriminals if they are keen enough.

ChatGPT creator reveals more creepy videos after announcing major change & fans are shocked by ‘cyborg’ German Shepherd

“Currently, anybody can read private chats sent from ChatGPT and other services,” Yisroel Mirsky, the head of the Offensive AI Research Lab at Israel’s Ben-Gurion University, told Ars Technica in an email.

“This includes malicious actors on the same Wi-Fi or LAN as a client (e.g., same coffee shop), or even a malicious actor on the internet — anyone who can observe the traffic.”

This is known as a “side-channel attack,” and it can be very dangerous for victims.

“The attack is passive and can happen without OpenAI or their client’s knowledge,” Mirsky revealed.

“OpenAI encrypts their traffic to prevent these kinds of eavesdropping attacks, but our research shows that the way OpenAI is using encryption is flawed, and thus the content of the…

Source…

Can Someone Hack My iPhone?

/in


There are almost no electronic devices that are invulnerable to hacks and malware. While very complicated and unlikely, iPhones can be hacked in a multitude of ways.   

Over the years, we’ve seen Apple products encounter their fair share of exploits and hacks that capitalize on iOS software vulnerabilities. Being a victim of iPhone hacks isn’t impossible, and it’s important to know how these exploits work so you can reduce the risk of being targeted. We’ll explore the digital threats iPhone users should be aware of, the warning signs to look out for and what to do if your iPhone gets hacked.

Can iPhones Be Hacked?

iPhones are more secure mobile devices than their Android counterparts, but they can still be hacked. Android devices have a reputation for customization and manipulation at the software level since their open-source code makes them much less secure and easier to compromise via malware. iPhones, on the other hand, are closed-source, making them far more challenging to compromise.

Despite their superior security features, iPhones are still susceptible to unsecured Wi-Fi network traps, suspicious apps and social engineering schemes. While rare, iPhone virus threats exist.

Some iPhone hackers attempt to exploit security vulnerabilities the iOS can’t prevent, like exploiting apps to gain elevated permissions. Others try to access your device by hacking or logging in using your Apple ID, giving them better access privileges.

From there, the hacker can access all data on the iPhone, including cloud storage, pictures, messages and sensitive financial and personal information.

Illustration comparing iphone vs android security

How to Tell If Your iPhone Is Hacked

No one knows your iPhone better than you. If you notice your device behaving in strange and unusual ways, your iPhone may be hacked. Here are some warning signs to pay attention to.

illustration depicting signs of hacked iphone

Device Performance

Malware can affect your iPhone’s performance negatively. Some of these signs can be attributed to poor condition or aging technology, but if your phone is in great condition and still underperforms, it’s possible that it’s been hacked.

  • Battery drains quickly: Hacked iPhones are unable to hold battery power as long as they used to….

Source…

iPhone Security In The Face Of Zero-Click Exploits

/in


Apu Pavithran is the founder and CEO of Hexnode, an award-winning unified endpoint management platform.

For Apple enthusiasts and business owners alike, the iPhone has been more than a device—it’s a symbol of security and reliability. That doesn’t imply, however, that the iPhone is a veritable Fort Knox. Vulnerabilities popping up occasionally are nothing new. However, a recent pair of zero-day vulnerabilities raise considerable concern. In early September 2023, CitizenLab, a vigilant internet watchdog group, unearthed a zero-click iOS vulnerability that enabled the notorious Pegasus spyware to infiltrate iPhones. This revelation serves as a wake-up call, reminding us that even the seemingly impenetrable can be compromised.

Unraveling The Vulnerability

What’s truly unsettling is that even the most up-to-date iPhone with the latest iOS can fall victim to this attack without any user interaction. Unlike traditional attacks that require some form of user interaction, this exploit can compromise an iPhone without any action from the victim.

The first exploit, CVE-2023-41064, affects Image I/O, a foundation for programs that enable them to read and write different image formats. A buffer overflow issue in Image I/O may be used to build a maliciously created image that causes iOS to execute malicious software. For those unfamiliar, a buffer overflow takes place when a program tries to input more information into a buffer than it can accommodate. This can lead to various issues such as data distortion, program malfunctions or even the activation of harmful code. The second vulnerability, CVE-2023-41061, affects Apple Wallet and can be exploited to trick it into executing malicious code.

At the end of both vulnerabilities lies Pegasus, a potent and sophisticated spyware developed by Israel’s NSO group. Pegasus utilizes the zero-click zero-day vulnerability to inject itself onto iPhones and iPads. Once infiltrated, its capabilities are staggering: It can siphon off texts, emails, media files, contacts and GPS coordinates. Additionally, it can eavesdrop on calls and surreptitiously activate both the microphone and camera.

Marketed under the guise of crime and terrorism…

Source…