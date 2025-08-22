Apple patches iOS zero-day that put crypto wallets at risk via malicious images

Par : BitcoinEthereumNews
2025/08/22 20:54
ChainAware
AWARE$0.006461-0.29%
Seed.Photo
PHOTO$1.1401-3.53%
Helium Mobile
MOBILE$0.0003602+1.60%
Imagen Network
IMAGE$0.0012-24.52%
BRC20.COM
COM$0.021792+3.03%
ZeroLend
ZERO$0.00005504+1.12%
Octavia
VIA$0.0159+0.63%

Apple has released iOS 18.6.2 and iPadOS 18.6.2 along with macOS Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8 to fix a zero-day in the ImageIO framework that was exploited in the wild.

Per Apple, processing a malicious image could corrupt memory, enabling code execution, and the company is aware of a report of use in an extremely sophisticated attack targeting specific individuals.

The flaw sits in ImageIO, the component that parses common image formats, which makes delivery via everyday channels, including messaging apps and web content, straightforward from an attacker’s perspective. As security outlets reported, the bug is tracked as CVE-2025-43300 and stems from an out-of-bounds write that Apple addressed with improved bounds checking.

The crypto angle is direct. Wallet owners often copy and paste recipient addresses, and many keep recovery phrases in screenshots or photo storage for convenience. Research this year documented families of mobile spyware and stealers that scan galleries using optical character recognition and exfiltrate images with seed phrases, as well as strains that monitor the clipboard to swap addresses during a transaction.

As Kaspersky reported, SparkCat and its successor SparkKitty used OCR to harvest seed phrases from photos on both iOS and Android, including samples observed on official app stores.

A compromise achieved through a booby-trapped image can, therefore, act as an initial foothold to enable gallery scraping for recovery phrases, surveillance of crypto app activity, and clipboard hijacking during on-chain transfers. Previous research on clipboard hijackers explains how address strings are silently replaced to redirect funds during copy-paste, a tactic long used by drainer operations.

The current incident also fits a pattern of high-value iOS exploit chains used against targeted users. In 2023, Citizen Lab documented a zero-click chain, dubbed Blastpass, used to deliver commercial spyware, demonstrating how image and message parsing bugs can be linked for device takeover without user interaction.

That historical baseline, coupled with Apple’s acknowledgment of real-world use in the present case, frames the risk for crypto users who rely on mobile devices as primary signing endpoints.

Impact spans recent iPhone models and iPads covered by iOS 18 and iPadOS 18, including iPhone XS and later, plus supported Macs on Sequoia, Sonoma, and Ventura. Users can verify protection by confirming iOS or iPadOS 18.6.2, macOS Sequoia 15.6.1, Sonoma 14.7.8, or Ventura 13.7.8 in Settings, then rebooting after installation.

Security outlets urged immediate updates following Apple’s release and disclosure.

For a crypto-savvy audience, the operational takeaway is to close exposure by updating and to reduce post-exploit blast radius by moving seed storage off photo libraries, reviewing app photo permissions, limiting clipboard access, and treating mobile wallets as hot environments with strict hygiene.

Apple’s notes state the root cause was an out-of-bounds write in ImageIO that is now mitigated with stricter bounds checks, and the company confirmed exploitation reports when shipping the patch.

Mentioned in this article

Source: https://cryptoslate.com/apple-patches-ios-zero-day-that-put-crypto-wallets-at-risk-via-malicious-images/

Clause de non-responsabilité : les articles republiés sur ce site proviennent de plateformes publiques et sont fournis à titre informatif uniquement. Ils ne reflètent pas nécessairement les opinions de MEXC. Tous les droits restent la propriété des auteurs d'origine. Si vous estimez qu'un contenu porte atteinte aux droits d'un tiers, veuillez contacter [email protected] pour demander sa suppression. MEXC ne garantit ni l'exactitude, ni l'exhaustivité, ni l'actualité des contenus, et décline toute responsabilité quant aux actions entreprises sur la base des informations fournies. Ces contenus ne constituent pas des conseils financiers, juridiques ou professionnels, et ne doivent pas être interprétés comme une recommandation ou une approbation de la part de MEXC.
Partager des idées

Vous aimerez peut-être aussi

5 Crypto Coins to Watch Next Week During the Crypto Crash

5 Crypto Coins to Watch Next Week During the Crypto Crash

The crypto market is crashing, but several coins have reached key support zones. Here are 5 tokens to keep an eye on and the next levels to watch.
SphereX
HERE$0.000357+0.28%
Partager
Crypto Ticker2025/08/22 21:40
Partager
Project Trinity Launches to Promote Cross-Chain Settlement of Japanese Stablecoins and Security Tokens

Project Trinity Launches to Promote Cross-Chain Settlement of Japanese Stablecoins and Security Tokens

PANews reported on August 22nd that Cosmos has officially launched Project Trinity, a stablecoin-driven delivery versus payment (DvP) settlement project jointly initiated by financial institutions including Sumitomo Mitsui Banking Corporation (SMBC), Progmat, Boostry, and Datachain. TOKI is participating as a technical partner. The project aims to leverage the IBC protocol and LCP technology to enable cross-chain atomic swaps between stablecoins and security tokens, covering blockchain platforms such as Avalanche and Quorum. Japan's stablecoin market is rapidly developing following an update to the Payment Services Act, allowing for the compliant issuance of stablecoins and promoting more efficient and secure financial transaction settlement. The security token market is also expanding, with issuance exceeding 193.8 billion yen (approximately $1.3 billion) by the end of July 2025. Project Trinity aims to ultimately achieve near 24/7 real-time settlement, reducing counterparty and synchronization risks and contributing to the upgrading of Japan's secondary market infrastructure. Furthermore, TOKI will provide cross-chain messaging and middleware support at the technical level to ensure a secure and efficient settlement system. Earlier news reported that Japan's SBI Holdings plans to complete the acquisition of a majority stake in CoinPost on October 1 .
NEAR
NEAR$2.564+3.47%
RealLink
REAL$0.05409+4.96%
Moonveil
MORE$0.10386+3.88%
Partager
PANews2025/08/22 21:00
Partager
US bond market, dollar traders price in a resolute Powell at Jackson Hole speech

US bond market, dollar traders price in a resolute Powell at Jackson Hole speech

The US bond market stayed frozen Friday morning, as the 10-year Treasury yield didn’t move at all, stuck at 4.332%, while the 2-year nudged up by less than one basis point to 3.8%. But hey, that’s nothing. Wall Street wasn’t watching yields anyway. All eyes were locked on Jerome Powell’s upcoming speech at Jackson Hole, […]
Threshold
T$0.01642+3.14%
BarnBridge
BOND$0.1786-2.45%
Movement
MOVE$0.1308+2.50%
Partager
Cryptopolitan2025/08/22 21:12
Partager

Actualités tendance

Plus

5 Crypto Coins to Watch Next Week During the Crypto Crash

Project Trinity Launches to Promote Cross-Chain Settlement of Japanese Stablecoins and Security Tokens

US bond market, dollar traders price in a resolute Powell at Jackson Hole speech

U.S. Treasury Deputy Secretary Falkand to step down after five months

Ten Web3 games worth watching in May