Welcome to HODL.FM. The only crypto publication watching your back. Today’s attention is on Apple chips. A sudden vulnerability has emerged and its bad. Really baaad for your crypto!
If you are one of those guys with an Apple Device powered by the M1, M2, or M3 chip, your cryptos are in big trouble. Nowadays, it seems Apple-owning folks in crypto have the largest share of the industry’s woes.
Just the other day, the manufacturer has been in prolonged conflict with crypto platforms that need to launch on the app store.
Apparently, it turns out that crypto users might even not need some of these Apple devices after a recent breakthrough found cryptographic keys are seriously vulnerable on Mac computers and iPad tablets.
Related: Marathon Digital Outshines Tesla, Apple, and Amazon
The worst part is the ease of compromising these keys and decrypting blockchain wallets or passwords to centralized exchanges, hence posing a significant threat to crypto users.
What is the Issue with these Chips?
According to the University Researchers who discovered the loopholes, the issue arises from a functionality called prefetching which is built on every Apple M-series chip. This functionality is another way of saying:
Let’s keep these data and processes close, within tabs so that we don’t have to go back again to fetch them repeatedly. Especially for the most common activities you perform on your Macbook or iPad.
It happens that the researchers have practically proved the possibility of hacking into this “prefetching’ technique by tricking the processor to direct part of the prefetched data into the cache, and through the cache, a hacker can utilize it for reconstructing the cryptographic key.
If you can see through this technical terminology, the researchers are simply telling you to be careful and extremely vigilant with your M1, M2, or M3-powered Mac, iPad, or desktop. But you don’t have to worry if you own one of those classic Apple devices withan intel processor, they probably came out before the manufacturer built its own silicon chips.
Bad News, Good News?
Given this is an architectural issue to do with Apple chips, it’s not possible for the manufacturer to fix it with a patch. That’s the bad news.
One other slightly bad news is the app developers can disable the prefetch feature on the M3 chip. However, this comes at the cost of trading off performance and speed. Better yet, it is also impossible to disable the feature on the M1 and M2 processor.
The good news is you can pack your bag and leave it with Android or Windows. Who knows, any of them could house a degen. And maybe even throw you guys a welcome party. But hey, no need to leave Apple if your bag is empty.
Hacking into the prefetch function takes upto 8 hours, hence, you need not to worry if your wallet does not have large amounts of holdings. However, it would be a bad idea to ignore, especially for a hodler who is always hodling and reading HODL.FM.
Read More on Hacking:
- How to Store Cryptocurrency
- Cheat Sheet for a REAL Crypto Criminal: Your Guide to Crypto Crime Terminology
The problem with this kind of loophole is your centralized exchange passwords are also not safe. You might say, Binance holds my private keys. So I don’t have to worry. Meanwhile, it will be a good idea to change your login credentials if they are stored inside a cryptographically secured password manager. While you do this, also make sure you do not update the login credentials within the password manager again.
Remember how we mentioned the hack may take up to 8 hours to be successful. Yes, we were right. In a typical situation, a criminal would have to execute a malware installation into your computer and use it to deconstruct the cache for private keys. The better side of things is that Apple OS will always ask for permission before installing third-party or unsigned software.
This means you must be extra careful when installing any unidentified applications if using one of the vulnerable M-series chips. The challenge here is that the majority of cryptocurrency apps might not be available on the App Store due to Apple’s many restrictions on digital assets applications.
Just recently, the manufacturer pulled out Kraken, Binance, and other cryptocurrency apps from the India App Store. Hence in one way or the other, it might not be viable for blockchain users to not install unidentified apps.
As we end, you should also know there is a theoretically possible chance of attacking the device using Javascript code on a website client. This attack vector does not requre installing anything on your computer and could therefore affect the average crypto user. In other words, stay safe and have good intentions.
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL.FM is not a financial reference resource and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice of this sort, HODL.FM strongly recommends contacting a qualified industry professional.
