律动BlockBeats|Mar 20, 2026 11:44
**[Google Discovers iOS Exploit Chain Targeting Multiple Crypto CEXs and Wallet Applications]**
BlockBeats News, March 20: According to monitoring by Google Threat Intelligence Group, an iOS exploit chain named DarkSword is targeting iPhone devices running iOS versions 18.4 to 18.7. Attackers are deploying malware called Ghostblade via compromised websites, which specifically searches for and steals data from cryptocurrency CEXs (including Coinbase, Binance, Kraken, Kucoin, OKX, MEXC) and wallet applications (including Ledger, Trezor, MetaMask, Exodus, Uniswap, Phantom, and Gnosis Safe).
Additionally, Ghostblade also synchronously steals sensitive information such as SMS messages, iMessage conversations, contacts, Wi-Fi passwords, geolocation data, and chat records from Telegram and WhatsApp. This malware is designed for rapid data theft, automatically deleting temporary files and terminating its operation after completing data collection. Related attack activities have been observed in Saudi Arabia, Turkey, Malaysia, and Ukraine.
Share To
HotFlash
APP
X
Telegram
CopyLink