New Vulnerability in Apple MacBook Allows Hackers to Steal Cryptos

Friday, 22 March 2024, 10:30

Academics have uncovered a critical vulnerability in Apple's M-series chips that poses a significant risk to cryptocurrency security. The flaw enables hackers to exploit a novel GoFetch attack to access encryption keys, potentially compromising crypto asset holdings. This revelation sheds light on the urgent need for enhanced security measures in the face of evolving cyber threats, particularly within the cryptocurrency ecosystem.

How MacBooks Are Vulnerable to Crypto Hacks

The issue is deeply ingrained in the microarchitecture of Apple's M1 and M2 chips. Consequently, a direct patch is impossible. Instead, mitigation requires adjustments in third-party cryptographic software, potentially compromising performance.

Data Memory-Dependent Prefetcher (DMP)

At the heart of this vulnerability is the DMP in these chips, which aims to predict and pre-load data, minimizing CPU and memory latency. However, the DMP's unique behavior can mistakenly interpret memory content as pointer addresses, leading to unintended data leakage through side channels.

GoFetch Attack

Experts like Boru Chen and Yingchen Wang explain that attackers exploit the DMP's behavior by crafting inputs that cause unintended data leakage. This vulnerability does not require high user privileges and is effective against both conventional and quantum-resistant encryption methods.


This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.


Related posts


Newsletter

Get the most reliable and up-to-date financial news with our curated selections. Subscribe to our newsletter for convenient access and enhance your analytical work effortlessly.

Subscribe