For me, 2FA is also a big help, especially the type that sends text verification before you can access your account. Yeah, it’s a bit of a hassle, but if you value security more than convenience, that’s one of the best ways to protect your funds.
In as much as this certainly helps to reduce risk than a wallet without 2FA but with the attack reported by OP will the 2FA actually have any impact because this kind of attack actually usually gets information from everything on the phone or the online device, so for informations or codes sent to Gmail it can actually get access to that. For 2FA on wallet like electrum once you have the main seed phrase exposed the person break it out, so I seriously doubt if it can have much of any impact in this regard
Of course it’s not safe once your system gets compromised, but what I meant is it only helps minimize the risk, not fully remove it. The best way to handle risk is still to spread your funds, don’t keep everything in one wallet that’s connected to your phone. And with this news, I think they’re talking about the advanced feature of the iPhone 17. I don’t even use iPhone myself, but you know how it goes, hackers will always adapt no matter what phone or tech comes out.