A flaw in the mail app Apple Inc. iPhones and iPads has been exposed, it makes crypto exchange users particularly vulnerable to attacks with their online data.
San Francisco based cybersecurity firm, ZecOps, cites that a previous flaw in the application. The attack is threatening for the users as it only requires the opening of the e-mail to be download malicious software on the device. The user need not click on external links on the email.
The weakness has existed in the application since the release of iOS 6 (an update since iPhone 5). Moreover, the vulnerability trigger on iOS 13 does not even require the user to open the email, as it can get affected just by downloading in the background. The other versions iOS 12 has both ‘zero-click’ and mail opening abilities.
The exploitation of users emails allows the attacker to leak, modify or delete emails. In some case, it can also give full access to the device, however, that has not been identified as of now. While Apple Inc. is expected to release a new fixed version of soon, users must look to safeguard their data and crypto funds.
This is a serious security issue affecting ALL iPhone users. Please take action and protect yourself.
The exchange addressed the problem in a tweet this morning and the cautionary steps one may adopt.
An iOS Mail application vulnerability has been disclosed.https://t.co/8cM1Cwf9me
To ensure you are not affected, disable usage of the iOS Mail app:
🔸Go to Settings > Password & Accounts, set Fetch New Data to “Manual” and disable “Push”.
🔸Use Safari or Gmail etc.
— Binance (@binance) April 23, 2020
The users must also look to activate the 2FA (2-Factor Authentication) to avoid leaving absolute dependence on email and passwords only. Furthermore, apart from active traders, ‘hodlers’ and long-term investors must look to alternative open-source wallets to attain complete custody, instead of leaving them on exchanges.
What other steps would you suggest to protect oneself from these attacks? Please share your views with us.