Google Security Team Discloses iOS Vulnerability Chain Capable of Stealing Cryptocurrency Wallet Data

Odaily News According to monitoring by the Google Threat Intelligence Group, an iOS vulnerability exploitation chain named DarkSword is targeting iPhones running versions iOS 18.4 to 18.7. Attackers use compromised websites to deploy malware called Ghostblade, which is designed for rapid data theft. After completing data collection, it automatically deletes temporary files and terminates its operation. It also specifically searches for and steals data from cryptocurrency wallet applications, reportedly potentially involving multiple crypto wallets such as Ledger, Trezor, MetaMask, and Exodus. Additionally, Ghostblade simultaneously steals sensitive information including SMS messages, iMessages, contacts, Wi-Fi passwords, geolocation data, and chat records from Telegram and WhatsApp.