ChainCatcher 消息,据 Google Threat Intelligence Group 监测,一种名为 DarkSword 的 iOS 漏洞利用链正针对运行 iOS 18.4 至 18.7 版本的 iPhone 手机。
攻击者利用受损网站部署名为 Ghostblade 的恶意软件,该程序专门搜索并窃取加密货币 CEX(包括 Coinbase、Binance、Kraken、Kucoin、OKX、MEXC)及钱包应用(包括 Ledger、Trezor、MetaMask、Exodus、Uniswap、Phantom 和 Gnosis Safe)的数据。
此外,Ghostblade 还会同步窃取短信、iMessage、联系人、Wi-Fi 密码、地理位置以及 Telegram 和 WhatsApp 的聊天记录等敏感信息。该恶意软件旨在进行快速数据窃取,在完成采集后会自动删除临时文件并终止运行。目前相关攻击活动已在沙特阿拉伯、土耳其、马来西亚和乌克兰等地被观察到。
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.