ChainCatcher 消息,据 Cointelegraph 报道,谷歌威胁分析团队近日披露了一个名为 “Coruna” 的新型 iOS 漏洞利用套件,该套件正被用于针对 iPhone 用户的加密货币盗窃活动。该套件主要针对运行 iOS 13 至 17.2.1 版本的设备,包含 23 个漏洞利用程序和 5 条完整的攻击链,其中部分为此前未知的漏洞。
它可通过伪造的加密货币相关网站(如冒充 WEEX 交易所的钓鱼网站)实施攻击。据悉,当用户使用存在漏洞的 iOS 设备访问这些恶意网站时,攻击代码会自动运行,扫描设备中的敏感信息,特别是包含助记词、备份短语、银行账户等关键词的文本,并试图从 Uniswap、MetaMask 等加密应用中窃取资产。谷歌研究人员强烈建议 iPhone 用户立即将设备更新至最新的 iOS 版本。若无法更新,应开启苹果系统的 “锁定模式” 以增强防护。
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.