On April 23, 2020, Binance exchange tweeted that a flaw in the mail app Apple Inc. had been exposed, which puts Binance users vulnerable to attacks with their online data.

ZecOps, a cyber-security company based in San Francisco, was the first to detect and report two zero-day vulnerabilities impacting the Mail App on iOS on Wednesday. According to ZecOps, hackers remotely infect Apple’s iPhones and iPads by sending an email to the victim’s mailbox to activate the attack.

Reacting to the news, Binance CEO suggested on twitter that crypto users should use different email addresses for each exchange, as this will reduce risks of the attack.

According to CZ, traders could also protect themselves by using different passwords, setting 2FA, and using secure apps and websites.

How Does this Affect Binance Users?

According to reports from ZecOps, the targets of this attack are corporate executives and government officials rather than the average Apple users.

ZecOps researchers explained:

“These vulnerabilities are widely exploited in the wild in targeted attacks by an advanced threat operator(s) to target VIPs, executive management across multiple industries, individuals from Fortune 2000 companies, as well as smaller organizations such as MSSPs.”

That said, all cryptocurrency users with iOS devices could also be a target. As soon as a possible victim clicks on the malicious email, attackers can gain instant access to valuable info like passwords to trading platforms and wallets.

How to Protect Yourself from the Attack

Binance users and all other crypto traders are instructed to take necessary actions to protect themselves by disabling the usage of the iOS Mail App until Apple releases an updated version to fix the vulnerabilities.

Users should also use 3rd party email apps such as Gmail, Outlook, and Yahoo, as these options aren’t affected by the malicious bugs.

ZecOps researchers discovered that the shocking vulnerabilities affect all Apple’s software versions between iOS 6 and iOS 13.4.1, and they have been present since 2018.

In their defense, Apple claimed on April 22, 2020, that they had patched the zero-day vulnerabilities in the latest beta iOS 13.4.5, which will be available in a few weeks.