Svmuu News Google Threat Intelligence has identified a crypto-stealing malware named Ghostblade, affecting Apple iOS devices. It belongs to the DarkSword browser-side malicious tool suite and is used to steal private keys and other sensitive information.

Google Threat Intelligence stated that Ghostblade is written in JavaScript for rapid data theft; it activates after a device is compromised, grabbing sensitive data and sending it back to a malicious server.

Researchers mentioned that this malware does not run 24/7 on infected devices, requires no additional plugins, and stops working after completing data extraction. It also contains code to delete device crash reports to prevent Apple from receiving and flagging the related malware. Ghostblade can access and forward message data from iMessage, Telegram, and WhatsApp. It can also steal SIM card information, identity information, multimedia and geolocation data, and access system settings.

Blockchain intelligence platform Nominis reported that crypto hacking losses dropped to $49 million in February, a significant decrease from $385 million in January. The platform noted that this change reflects a shift in threats from code-based attacks to attack vectors exploiting human error, such as crypto phishing and wallet poisoning. Phishing typically lures victims through highly realistic fake websites and similar-looking URLs to implant malware that can steal data like private keys. (Cointelegraph)