Google Security Team Discloses iOS Vulnerability Chain That Can Steal Cryptocurrency Wallet Data

Odaily According to monitoring by the Google Threat Intelligence Group, an iOS exploit chain named DarkSword is targeting iPhones running versions iOS 18.4 to 18.7. Attackers use compromised websites to deploy malware called Ghostblade, which is designed for rapid data theft. After completing data collection, it automatically deletes temporary files and terminates its operation. It also specifically searches for and steals data from cryptocurrency wallet applications, reportedly potentially involving multiple crypto wallets such as Ledger, Trezor, MetaMask, and Exodus. Additionally, Ghostblade simultaneously steals sensitive information such as SMS, iMessage, contacts, Wi-Fi passwords, geolocation data, and chat records from Telegram and WhatsApp.