New vulnerability in Apple MacBooks allows hackers to steal cryptocurrencies

In a new academic development, researchers have revealed a serious security vulnerability in Apple's M-series chips, fundamentally affecting the security of crypto assets.

This flaw, which was detailed in a publication prepared by researchers from reputable institutions. It allows attackers to access secret keys during encryption operations.

How can this vulnerability hack MacBook devices?

Lie The problem lies in the microarchitecture of Apple's M1 and M2 chips, and unfortunately it is impossible to directly fix this vulnerability. To mitigate their impact, it is necessary to modify third-party encryption software, which can negatively impact performance.

At the heart of this vulnerability is the so-called “memory-dependent prefetch module (DMP)” of these chips. This feature also aims to predict what data the processor might need and load it in advance. This reduces the delay time between processor and memory.

However, the unique behavior of this property can misinterpret memory contents as pointer addresses. Which leads to unintentional data leaks through side channels.

Experts like Boro Chen of the University of Illinois at Urbana-Champaign and Yingchen Wang of the University of Texas at Austin say attackers can exploit the behavior of this preset. They accomplish this by formatting entries that previous data management software incorrectly recognizes as addresses. Thus, the encryption keys are indirectly disclosed. This process is key to the newly identified GoFetch attack.

"Our main idea is that even if the DMP module only dereferences pointers, an attacker can craft inputs that modify the intermediate state of the data so that it appears as a pointer only if the secret values ​​meet the conditions specified by the 'attacker,' the researchers explained.

Interestingly, the GoFetch attack does not require root privileges to execute. It works with usual user privileges on macOS systems.

The attack was effective against traditional and quantum-resistant encryption methods. It can extract keys in a time frame that varies depending on the encryption protocol.

Faced with this threat, developers must face this complexity. They must implement strong, albeit effective, defenses. However, this can significantly slow down CPU performance during encryption tasks.

Among these mitigation methods, we also find “ciphertext shielding”, which is effective but requires significant computing power and can particularly affect key exchange operations.

The disclosure of the GoFetch vulnerability is part of a broader context of growing digital threats, particularly for holders of cryptocurrencies. Recent reports have indicated major security vulnerabilities in the iOS and macOS operating systems. Which has been exploited for cryptocurrency scams.

Organizations such as the National Institute of Standards and Technology and cybersecurity experts have also highlighted vulnerabilities in widely used applications and operating systems. Call for increased user caution and immediate system updates.