The zero-day vulnerability enables a malicious user to penetrate the system and assume control over the device. This kind of vulnerability is particularly dangerous because it does not require the user to click on a malicious link, making it less likely to be noticed by the average user or traditional cybersecurity measures.
Trust Wallet’s Director, Eowyn Chen, shared a screenshot on Twitter, allegedly showing the exploit being offered for sale on the dark web for $2 million. However, the crypto community has expressed skepticism about the authenticity of the screenshot. Critics argue that information based solely on a screenshot cannot be considered reliable without further proof, and such warnings could unnecessarily cause panic.
Despite the skepticism, Trust Wallet insists that the information about the zero-day was received from their security team and partners who continuously monitor threats. Nonetheless, the exploit’s listing on the dark web site has been criticized for not providing a demo or confirmation of its authenticity, raising concerns that it could be a scam.
MetaRyuk, a Web3 and metaverse researcher, noted that while the exploit’s price is listed, the site itself lacks a reputation within the dark web community, and the absence of additional details makes it difficult to assess the credibility of the offer. Apple has yet to comment on the situation.
Source: Red Hot Cyber
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.