SlowMist security professionals have recently uncovered a malicious program on the App Store built to acquire user information and cryptocurrencies.
The virus masquerades as a valid application to be downloaded onto the user’s device. Afterward, the perpetrator encourages the person to input their Apple ID password.
This data provides the attacker with the ability to add their phone numbers to the list of approved two-factor authentications for Apple’s system.
This enables them to manage the account, giving them full access to the account’s contents.
The transgressors are also able to obfuscate their activities by establishing extra Apple IDs and taking advantage of the family account sharing feature.
Security experts caution that a crypto wallet partially secured by iCloud offers hackers a window of opportunity to rob the user of their digital save offline.
In April, two vulnerabilities of a critical nature were found in some Apple operating systems, allowing ill-intended actors to gain high-level user access and potentially compromising the security of the user’s digital resources.
