iOS 18.6 Urgently Released to Patch Critical Security Flaw Targeting Crypto Users

Generated by AI AgentCoin World
Friday, Aug 1, 2025 7:24 am ET1min read
AAPL
--
Aime RobotAime Summary

- Apple urgently released iOS 18.6 to patch a critical vulnerability enabling code injection via compromised websites, threatening crypto users' data and assets.

- Kaspersky identified new iOS/Android Trojans exploiting app permissions to steal wallet info, highlighting risks of storing seed phrases in phone galleries.

- Experts warn against digital documentation of private keys, urging offline storage to prevent irreversible crypto losses from device breaches.

- The incident underscores growing mobile security threats for crypto users, emphasizing urgent platform updates and proactive asset protection measures.

A critical security vulnerability has been discovered in iOS devices, creating a direct threat to users who store cryptocurrencies on their smartphones. The flaw, which affects Safari and Chrome browsers, allows attackers to inject malicious code by visiting a compromised website—without requiring any downloads or user interaction beyond basic navigation [1].

Apple
has released an urgent update, iOS 18.6, to patch the vulnerability, and users are advised to install it immediately to prevent potential exploitation [1].

The vulnerability impacts iPhone XS and later models, enabling attackers to access sensitive data such as passwords, bank credentials, and even enabling covert surveillance. For cryptocurrency users, the risk is heightened, as stolen login details could lead to unauthorized access to digital assets [1]. Cybersecurity experts and Apple have reiterated the importance of updating software promptly to mitigate such risks.

Alongside the iOS vulnerability, Kaspersky researchers have identified a new family of Trojans targeting both iOS and Android devices. These malware variants gain access by exploiting app permissions—especially those granting access to the photo gallery—posing a significant threat to cryptocurrency users [1]. Once installed, the malware can exfiltrate sensitive data, including wallet information and private keys.

Experts stress that storing seed phrases or private keys as images in a phone’s gallery is a major security risk. In the event of a breach, such practices can lead to irreversible loss of digital assets. Best practices now include storing seed phrases offline and avoiding any form of digital documentation that could be accessed through compromised applications or browsers [1].

The discovery highlights an increasing overlap between mobile device security and cryptocurrency storage. As smartphones play a larger role in managing digital assets, vulnerabilities such as these underscore the necessity for both platform-level and user-level precautions. The swift response from Apple and cybersecurity professionals reflects the urgency of the situation and the growing emphasis on securing digital assets through proactive measures [1].

Source: [1] Warning: Critical Security Vulnerability Detected in Smartphones – Take This Essential Step to Prevent Your Cryptocurrencies from Being Stolen – https://en.bitcoinsistemi.com/warning-critical-security-vulnerability-detected-in-smartphones-take-this-essential-step-to-prevent-your-cryptocurrencies-from-being-stolen/

Comments



Add a public comment...
No comments

No comments yet