Apple Mac computers and iPad tablets may be affected by a serious vulnerability that could expose encryption keys and passwords on certain devices.
A flaw in Apple's M-series chips could be exploited by hackers to steal cryptographic keys, such as those that protect cryptocurrency wallets, through malware attacks, according to researchers from various universities.
And while the risk of an actual exploit may be low, it's not negligible if you're holding large amounts of cryptocurrency in potentially vulnerable software wallets on your Mac. We will briefly discuss the situation based on what has been reported and disclosed so far.
What is the problem?
Researchers announced last week that they had discovered a critical vulnerability within Apple's M-series chips used in Macs and iPads. This vulnerability could allow an attacker to access cryptographically secure keys and code.
The problem comes down to a technology called “prefetch,” which Apple's own M-series chips use to speed up interactions with your device. The chip monitors your most common activities and keeps the relevant data close at hand so that it can respond faster. However, it appears that the technique could be misused.
Researchers say it is possible to create an app that successfully “tricks” the processor into caching some of the prefetched data, which the app can then access and use to reconstruct encryption keys. That's a potentially big problem.
Who is at risk?
If your Mac or iPad is equipped with an Apple M-series processor (M1, M2, or M3), your device may be affected by this vulnerability. The M1 processor arrived in MacBook Air, MacBook Pro, and Mac Mini in late 2020, and has since expanded to Mac desktops and iPad tablets.
M2 processors and current M3 processors are also susceptible across computers and tablets, with the M2 chip also used in the Apple Vision Pro headset. However, on the M3 chip, the data memory-dependent prefetchers affected by this vulnerability “have a special bit that developers can call to disable this functionality,” Ars Technica reported, albeit with some performance impact as a result.
What if I have an older Mac or iPad?
If you have an older Mac with an Intel processor that Apple used for years before developing its own silicon, you're good to go. Intel chips are not affected.
Similarly, if you have an iPad (old or new) that uses one of Apple's A-series chips, which are also found in Apple's iPhones, there appears to be no risk. Only M1, M2, and M3 chips are vulnerable by design. Apple's A14, A15, and A16 chips found in recent iPhones and iPads are indeed variants of the M-series chips, but as of this writing, research reports and media reports do not mention them as vulnerable.
What can we do about it?
What can you do to fix the problem? Unfortunately, nothing. This is a chip-level vulnerability that involves the proprietary architecture of Apple's chips. That means it's not something Apple can fix with a patch. What app developers can do is implement fixes that avoid this vulnerability, but this comes with an obvious performance trade-off, so such apps may feel slower once updated.
What you can do to remove the risk, of course, is to remove any cryptocurrency wallets you own from vulnerable Apple devices. Move them to another device, such as a Windows PC, iPhone, or Android phone. Don't wait for catastrophe to happen.
That is exactly what Errata Security CEO Robert Graham told Zero Day writer Kim Zetter to tell readers: Remove your cryptocurrency wallet from your device, at least for now. “There are people who are trying to do this [attack] right now. And I think I'm working on that,” he told the blog.
Can my cryptocurrency be stolen?
Devices with M1-M3 chips are indeed vulnerable, but hackers can't simply flip a switch and steal your funds. Typically, malware would need to be installed on the device, and the attacker would then need to use the exploited software to obtain the private keys and access the associated wallets.
Apple's macOS is also highly resistant to malware, because you have to manually allow such apps to be installed on your device. Macs block unsigned third-party software by default. Still, if you're the adventurous type and install apps from “unknown” developers, you should take precautions if you're using a potentially vulnerable M-chip device.
According to Zero Day, this type of attack can also be performed on a shared cloud server that holds the keys, so this is another potential attack vector. It is also possible to perform this type of attack from a website through JavaScript code. This would be much more effective at impacting the average user, since it does not require the user to install anything. But that's only theoretical for now.
According to Zero Day, the vulnerability could also be used to decrypt the contents of web browser cookies, potentially giving an attacker access to something like an email account, which could in turn let them log in to sensitive accounts.
What about hardware wallets?
Current reporting on this vulnerability indicates that hardware wallets such as Ledger and Trezor do not appear to be at risk, as the private key must be on an Apple device with an M1-M3 chip to be affected. That said, it's probably not a bad idea to avoid connecting your hardware wallet to vulnerable devices, just in case.
What about centralized exchanges?
Centralized exchanges like Coinbase store your funds in custodial wallets and do not have your private keys on your device, so they are not directly at risk. However, if you have saved your Coinbase account password in a cryptographically secure password manager on a vulnerable Apple device, you may want to change the password and not update it within the manager. Better safe than sorry.
Additionally, as mentioned above, an attacker could theoretically use this vulnerability to decipher account passwords from browser cookies.
How serious is this really?
While there is no doubt that this is a serious vulnerability, it seems highly unlikely to affect the average cryptocurrency user. Depending on the type of encryption being broken through this vulnerability, it can take as little as about an hour to gradually retrieve enough data from the cache to reconstruct the key, or as long as 10 hours.
That doesn't mean it's impossible or that it can't happen to you, but it's not a quick, drive-by attack. You should take precautions to avoid exposure, but if the reports are accurate, we don't believe this poses a widespread threat to the average user.
Edited by Guillermo Jimenez