Apple Chip Exploit That Steals Crypto? Here’s What You Need to Know


Apple Mac computers and iPad tablets are exposed to a potentially serious vulnerability that could reveal cryptographic keys and passwords on some devices.

A flaw in Apple's M-series chips could be exploited by hackers to steal cryptographic keys, including those securing cryptocurrency wallets, through a malware attack, according to researchers from various universities.

And while the real-world risks of exploitation may be low, it's not something you'll want to ignore if you keep large amounts of crypto in a software wallet on a potentially vulnerable Mac. Here's a quick primer on the situation based on what has been reported and disclosed so far.

What's the issue?

Researchers announced last week that they have discovered a critical vulnerability within Apple's M-series chips used in Macs and iPads that could potentially allow an attacker to gain access to cryptographically secure keys and codes.

The problem comes down to a technology called “prefetching,” which Apple's own M-series chips enable to speed up your interactions with your device. With prefetching, the device aims to speed up interactions by keeping track of your most common activities and keeping data close at hand. But apparently that technology can now be taken advantage of.

The researchers say they were able to create an app that successfully “tricked” the processor into putting some of the prefetched data into the cache, which the app could then access and use to recreate the cryptographic key. This is potentially a huge problem.

Who is at risk?

If your Mac or iPad has an Apple M-series processor—M1, M2, or M3—your device is potentially susceptible to this vulnerability. The M1 processor launched with the MacBook Air, MacBook Pro, and Mac mini in late 2020 and was later expanded to Mac desktops and even iPad tablets.

The M2 processors and the current M3 processors in computers and tablets are also susceptible, and the M2 chip is also used in the Apple Vision Pro headset. But with the M3 chip, the data memory-dependent prefetcher that is affected by the vulnerability “has a special bit that developers can implement to disable the feature,” Ars Technica reports, albeit with some level of performance impact as a result.

What if I have an old Mac or iPad?

If you have an older Mac with an Intel processor, which Apple used for years before it developed its own silicon, you're fine. Intel chips are not affected.

Similarly, if you have an iPad (old or new) that uses one of Apple's A-series chips, which are also present in the company's iPhones, there doesn't appear to be any risk. Only the M1, M2, and M3 chips are vulnerable by design. Apple's A14, A15, and A16 chips from recent iPhones and iPads are actually variants of the M-series chips, but research reports and media reports do not show them to be vulnerable as of this writing.

What can I do about it?

What can you do to fix the problem? Nothing, unfortunately. This is a chip-level vulnerability related to the unique architecture of Apple's chips. This means it's not something Apple can fix with a patch. App developers can implement fixes to avoid the vulnerability, but this obviously results in performance changes, so such apps may feel more sluggish after an update.

Of course, you can remove any crypto wallets from your vulnerable Apple devices to eliminate your risk. Migrate them to another device, be it a Windows PC, iPhone, Android phone, etc. Don't wait for a disaster to strike.

That is exactly what Robert Graham, CEO of Errata Security, told Zero Day author Kim Zetter to share with readers: remove your crypto wallets from your device, at least for now. “There are people right now who are hoping to do this (attack) and are working on it,” he said in the blog.

Can my crypto be taken now?

While devices with M1-M3 chips are indeed insecure, it's not as if hackers can simply flip a switch and take your funds at any time. You would typically need to install malware on your device, and then attackers would need to use the exploited software to pull the private key and access the associated wallet.

Apple has also made macOS highly resilient to malware, because you have to manually give permission for such apps to be installed on your device. Macs block unsigned, third-party software by default. Still, if you're the adventurous type and have installed apps from “unknown” developers, you might want to play it safe when using a potentially vulnerable M-chip device.

This type of attack can also be performed on a shared cloud server that holds your keys, so this is another potential attack vector, according to Zero Day. It may also be possible to execute such an attack on a website via JavaScript code, which would be far more effective in affecting the average user, since they wouldn't have to install anything. But this is still theoretical.

According to Zero Day, the vulnerability could also potentially be used to decrypt the contents of a web browser cookie, potentially giving attackers access to something like an email account, which could let them log into sensitive accounts.

What about hardware wallets?

Based on current reporting about the vulnerability, hardware wallets like Ledger and Trezor are apparently not at risk, as the private key needs to be on your Apple device with an M1-M3 chip to be affected. That said, it's probably not a bad idea to avoid connecting hardware wallets to vulnerable devices.

What about centralized exchanges?

Centralized exchanges like Coinbase keep your funds in a custodial wallet, and since you don't have the private keys on your device, they are not directly at risk. However, if you keep your Coinbase account password in a cryptographically secure password manager on your vulnerable Apple device, you may want to change your password and not update it within the manager. Better safe than sorry.

And as mentioned, it is theoretically possible for an attacker to decrypt account passwords from browser cookies using this vulnerability.

How serious is it really?

There's no doubt that this is a serious vulnerability – but the likelihood of it having an impact on the average crypto user appears to be quite low. Depending on the type of encryption being cracked through this vulnerability, it could take about an hour or up to 10 hours to slowly pull enough data from the cache to recreate a key.

That doesn't mean it's impossible or that it couldn't happen to you, but it's not a quick-hit, drive-by type of attack. You should still take precautions to make sure you're not at risk, but if the reports are accurate, it doesn't seem like it will be a widespread threat to the average user.

Edited by Guillermo Jimenez
