An Apple iOS update has been released to fix a critical zero-click vulnerability that put iPhones, iPads, and Macs at risk, raising alarms for cryptocurrency users who rely on Apple devices to secure their wallets.
In an advisory late Wednesday, Apple confirmed the flaw—tracked as CVE-2025-43300—was located in its Image I/O framework, which processes image files across devices. The company warned that a maliciously crafted image could trigger memory corruption, allowing attackers to execute arbitrary code without user interaction.
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the company said.
The Apple iOS update, rolled out as iOS 18.6.2 and iPadOS 18.6.2, was accompanied by patches for macOS Sequoia 15.6.1, Sonoma 14.7.8, and Ventura 13.7.8. Apple urged users to install the patch manually rather than wait for automatic updates.
Cybersecurity experts warned that the vulnerability is particularly dangerous for crypto holders. Unlike traditional finance, where stolen funds can sometimes be recovered, crypto transactions are irreversible. An attacker gaining access to wallet apps or exchange credentials could drain funds instantly—potentially through something as simple as an image received via iMessage.
“This kind of exploit represents one of the highest risks for crypto investors,” said Alex Turner, a blockchain security researcher. “When your device is compromised at the system level, no amount of two-factor authentication or wallet password protection can save your assets.”
The Apple iOS update covers all iPhones from the XS generation onward, including the latest iPhone 16 series. Supported iPads include the iPad Pro, iPad Air (third generation and later), iPad (sixth generation and later), and iPad mini (fifth generation and later). Mac users on the three most recent versions of macOS are also covered.
Security professionals recommend that crypto users migrate wallet keys, secure primary accounts, and monitor for unusual system behavior if they suspect compromise. Apple has not disclosed how many individuals were targeted, but its swift action underscores the seriousness of the threat.
The urgency recalls past attacks against crypto users. In 2024, Kaspersky revealed that North Korea’s Lazarus Group exploited a Google Chrome zero-day vulnerability to steal wallet credentials via a fake blockchain game, according to Bloomberg.