iOS Exploit Chain Targets Cryptocurrency Exchanges and Wallet Apps

Google's Threat Intelligence Group has identified a critical iOS exploit chain named DarkSword that is actively targeting multiple cryptocurrency exchanges and wallet applications.

The malware, referred to as Ghostblade, searches for and steals sensitive information from compromised iPhones running on iOS versions 18.4 to 18.7.

Ghostblade's capabilities include stealing data from cryptocurrency exchanges, wallet apps such as Ledger and Trezor, as well as sensitive information like SMS messages, iMessage, contacts, Wi-Fi passwords, geolocation, and chat records from Telegram and WhatsApp.