Changpeng Zhao (CZ), the CEO of the largest exchange by trading volume, Binance, has sent security warning to all iPhone users on the exchange and in the crypto community at large.
This, he said in a response to a piece of information shared via the official Twitter handle of the cryptocurrency exchange about 3 days ago.
In the tweet, the exchange hinted at an iOS Mail application vulnerability exclusively disclosed by a security firm, Zecops, via a blog post.
Binance exchange shared this, “An iOS Mail application vulnerability has been disclosed. To ensure you are not affected, disable usage of the iOS Mail app: Go to Settings > Password & Accounts, set Fetch New Data to “Manual” and disable “Push”. Use Safari or Gmail etc.”
CZ Binance Corroborates the Report of the Security Issue
Responding to the report of the security issue, CZ Binance reiterated that it’s a threat that shouldn’t be played down by all iPhone users.
He then implored all crypto traders and investors to take necessary action for the protection of their funds. CZ used the medium to stress the necessity of using a unique email for each exchange.
“This is a serious security issue affecting ALL iPhone users. Please take action and protect yourself. Another reason to use a unique email address for each exchange, and never share that address with anyone. Less attack surface. Please help retweet. Stay #SAFU.”
This is a serious security issue affecting ALL iPhone users. Please take action and protect yourself.
Another reason to use a unique email address for each exchange, and never share that address with anyone. Less attack surface.
— CZ Binance 🔶🔶🔶 (@cz_binance) April 23, 2020
Recap of Zecops’ Disclosure
According to Zecops that disclosed the security issue, hackers have seemingly used the bug to target workers at a Fortune 500 company in North America.
The attackers just need to send a deliberate email that will grant them full control of the device, once opened by their targeted victims on the native Mail App.
However, Apple has not fully accepted the security firm’s disclosure, but it has promised to fix the issue in the next system update.
“The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”