Crypto Alert: Apple Chip Flaw Enables Easy Private Key, Encrypted Data Theft; No Direct Fix

March 22, 2024

A critical flaw in Apple’s M chip series allows for easy private key and encrypted data theft by cybercriminals and malicious actors, putting crypto investors in a very vulnerable position when they do cryptographic functions on Mac and iPad devices.

The mantra “Not your keys, not your coins” or “Not your keys, not your crypto,” has become extremely popular within the crypto sphere, especially after the crypto derivatives platform FTX started to unravel in October-November 2022. The popular expression means that investors cannot be certain of their crypto holdings unless they are stored in a wallet for which they personally have the keys.

But what if the private keys themselves can be easily stolen from the devices where users perform cryptographic operations?

This week, aside from the news that the U.S. Securities and Exchange Commission (SEC) is reportedly launching an active campaign against Ethereum to classify it as a security, another sobering revelation from experts alarmed the cryptocurrency industry. A consortium of researchers from various United States-based universities has revealed that a glaring vulnerability resides within Apple’s M chip series, posing an ominous threat to the protection of digital assets.

This critical flaw, which experts dubbed a side-channel exploit, offers an opportunity for cybercriminals and malicious actors to effortlessly abscond with private keys and encrypted data. This vulnerability is susceptible to exploitation when both the targeted cryptographic operation and a malicious application operating with standard user system privileges are executed on the same CPU cluster.

The gravity of this situation is compounded by the vulnerability’s impact on Mac and iPad devices, particularly each time cryptographic functions are performed on earlier M1 and M2 chips. The crux of the issue lies in the data memory-dependent prefetcher (DMP), which predicts memory addresses of data likely to be accessed by currently running code. 

This prefetching mechanism inadvertently exposes a vulnerability, as the prefetched data becomes susceptible to probing by malicious code. Exploiting this vulnerability hinges on the prefetcher’s reliance on past access patterns to predict future data fetches, thereby enabling attackers to manipulate prefetched data and gain access to sensitive information.

The seriousness of this vulnerability lies in its resistance to conventional remedies

Unlike typical vulnerabilities that can be addressed through direct patches, this particular one is deeply ingrained in the microarchitectural design of the chip itself, rendering it “unpatchable.” To effectively address this flaw, reliance on third-party cryptographic software becomes imperative, albeit with potential repercussions. 

The utilization of such software could significantly impair the performance of Apple’s M-series chips, especially the earlier iterations like the M1 and M2 chips.

It’s important to highlight that this isn’t the inaugural instance where experts have flagged concerns regarding the design of Apple Silicon chips. Back in 2022, MIT researchers uncovered another unrectifiable vulnerability named “PACMAN,” leveraging pointer authentication processes to orchestrate a side-channel attack.

The recent discovery by experts comes amid the backdrop of an expansive antitrust lawsuit lodged against Apple by the U.S. Department of Justice. The lawsuit alleges that Apple’s stringent rules within the Apple App Store, coupled with accusations of monopolistic practices, have unjustly stifled competition and impeded innovation within the tech industry.

Read More

Leave a Reply

Your email address will not be published.