Is Apple Chip Exploiting To Steal Crypto? Here’s what you need to know
7 months ago Benito Santiago
Apple Mac computers and iPad tablets may be vulnerable to a serious vulnerability that could expose encryption keys and passwords on certain devices.
A flaw in Apple's M-series chips could be used by hackers in a malware attack to steal cryptographic keys, according to researchers from various universities.
And while the real-world risks of the exploit may be low, it's not something to ignore if you're carrying large amounts of crypto in your software wallet on a vulnerable Mac. Here's a quick primer on the situation as it has been revealed and revealed to date.
What is the issue?
Researchers It was announced last week They found a critical vulnerability in Apple's M-series chips used in Macs and iPads that could allow an attacker to secretly access secure keys and codes.
It all comes down to a technique called “prefetching” that helps Apple's own M-series chips speed up your connection to your device. With Pre-Quick, the device aims to speed up communications by keeping tabs on your most common activities and putting information at your fingertips. But that method can be used now.
Researchers said they were able to create an app that successfully “tricked” the processor into putting some previously acquired data into the cache, which the app could then retrieve and use to reconstruct the cryptographic key. That's a huge problem.
Who is at risk?
If your Mac or iPad has an Apple M-series processor—M1, M2, or M3—your device is vulnerable to this vulnerability. The M1 processor rolled out in late 2020 with the MacBook Air, MacBook Pro, and Mac mini, and later expanded to Mac desktops and even iPad tablets.
The M2 processor and the current M3 processor are also vulnerable in computers and tablets, and the M2 chip in Apple Vision Pro Headphone. But with the M3 chip, the data memory dependent prefetter affected by the vulnerability “has a special little thing that developers call to disable the feature.” Ars Technica Although it was hit by the results at a certain level of performance, reports said.
What if I have an older Mac or iPad?
If you have an older Mac with an Intel processor that was used for years and years before Apple developed its own silicon, you're fine. Intel chips are unaffected.
Similarly, if you have an iPad (old or new) that uses one of Apple's A-Series chips, it will also appear in the company's iPhones. Only M1, M2 and M3 chips are vulnerable due to their design. Apple's A14, A15 and A16 chips from the latest iPhones and iPads are variants of the M-series chips, but the research report and media reports do not mention them as vulnerable as of this writing.
What can I do about it?
what can Hey you To fix the problem? Nothing, unfortunately. This is a chip-level vulnerability related to the unique architecture of Apple chips. That's not something Apple can fix with a patch. What app developers can do is implement fixes to avoid the vulnerability, but there's obviously a performance tradeoff as a result, so apps like this can feel even slower once they're updated.
What you can do to avoid your risk, is to access any Apple wallet you have. Transfer them to another device like Windows PC, iPhone, Android phone, etc. Don't wait for disaster to come.
That's what Robert Graham, CEO of Errata Security, says. They spoke Zero day Author Kim Zetter to share with readers: Get your crypto wallet off your device, at least for now. “Now there are people hoping to do it. [attack] I guess I'm working on it,” he told the blog.
Can my crypto just be taken?
While devices with M1-M3 chips are vulnerable, it's not like hackers can flip a switch and take your money anytime. Typically, you need to install malware on your device, and the attackers need to use the exploited software to extract the private keys and access the associated wallet.
So is Apple's macOS. Able to effectively deal with malwareAs you have to manually allow such app to install on your device. Max blocks unsigned third-party software by default. Still, if you're the adventurous type and install apps from “unknown” developers, you'll want to play it safe if you're using a potentially vulnerable M-chip device.
This type of attack can also be performed on the shared cloud server that holds your keys, so this is another attack vector, he says. Zero day. It might also be possible to pull off such an attack on a website with JavaScript code, which would be more effective for the average user—they wouldn't need to install anything. But that's in theory for now.
The vulnerability could be used to exploit the content of a web browser cookie based on a zero-day, possibly allowing attackers to access something like an email account—which would allow users to log into confidential accounts.
What about hardware bags?
Hardware wallets such as Ledger and Trezor do not appear to be vulnerable according to current reports surrounding the vulnerability, as private keys are required to access the M1-M3 chips on your Apple device. That said, it's probably not a bad idea to avoid connecting hardware wallets to vulnerable devices.
What about central exchanges?
Centralized exchanges like Coinbase hold your funds in custodial wallets, and since there are no private keys on your device, they are not directly at risk. However, if you have stored your password on your Coinbase account in a secure password manager on your secure Apple device, you may want to change your password and is not Update in the manager. Better than sorry.
And as mentioned, it is theoretically possible for an attacker to use this vulnerability to decrypt account passwords from browser cookies.
How hard is this really?
It's a serious vulnerability, no doubt—but the likelihood of it affecting the average crypto user seems pretty low. Depending on the type of encryption cracked with this vulnerability, it could take as little as an hour to slowly extract enough data from the cache to rebuild the key… or up to 10 hours.
That's not to say it's impossible or that it can't happen to you, but this isn't a quick-hit, drive-by type of attack. You still need to take precautions to make sure you're not at risk, but if the report is correct, it doesn't seem like this will be a widespread threat to the average user.
Edited by Guillermo Jimenez
