Apple Admits to Remote Code Exploit That Threatened Crypto Security

Apple has confirmed a critical vulnerability in its devices that allowed malicious actors to execute remote code through web-based JavaScript, creating a potential threat to users’ cryptocurrency security.

The exploit, detailed in a recent Apple security disclosure, affected JavaScriptCore and WebKit software, which are essential components for processing web content.

The firm urged users to update their devices to the latest software versions to mitigate the risk.

Apple Vulnerability Actively Exploited

The vulnerability, uncovered by Google’s Threat Analysis Group, could enable “processing maliciously crafted web content,” leading to cross-site scripting attacks.

Apple acknowledged that the issue may have been actively exploited on Intel-based Mac systems, heightening concerns about its impact.

The flaw wasn’t limited to Macs; iPhone and iPad users were also at risk. Apple disclosed that the vulnerability in JavaScriptCore could lead to arbitrary code execution if users accessed harmful websites.

A software update has been released to address the issue.

Jeremiah O’Connor, CTO of crypto cybersecurity firm Trugard, warned that unpatched devices could expose sensitive data such as private keys and passwords stored in browsers, making cryptocurrency theft a tangible threat.

“Attackers could gain access to sensitive data, which poses significant risks to crypto users,” O’Connor said.

The crypto community swiftly responded to the revelations.

Former Binance CEO Changpeng Zhao urged users of Intel-based MacBooks to update their systems immediately, raising the alarm on social media.

If you use a Macbook with Intel based chip, update asap!

Stay SAFU!https://t.co/mk2Jsicnte

— CZ 🔶 BNB (@cz_binance) November 20, 2024

This incident follows earlier reports of vulnerabilities in Apple’s M-series chips (M1, M2, and M3).

These chips were found to have a flaw in the prefetching process, a feature designed to enhance performance.

Security researchers discovered that prefetching could be exploited to store sensitive data in the processor’s cache, enabling attackers to reconstruct cryptographic keys.

Unlike the JavaScriptCore vulnerability, chip-level flaws cannot be addressed through software updates.

While workarounds exist, they often involve a trade-off between device performance and security.

Apple’s latest disclosures highlight the growing intersection of cybersecurity and cryptocurrency, emphasizing the critical need for timely updates to safeguard sensitive data in an increasingly digital world.

Cthulhu Stealer Malware Targets Apple Users

In August, Cybersecurity firm Cado Security warned Apple Mac users regarding a new malware variant named “Cthulhu Stealer,” designed to steal personal information and target cryptocurrency wallets.

“While MacOS has a reputation for being secure, macOS malware has been trending up in recent years,” the firm stated.

The Cthulhu Stealer malware masquerades as legitimate software, such as CleanMyMac or Adobe GenP, appearing in the form of an Apple disk image (DMG).

Once users download and open this file, they are prompted to enter their password through macOS’s command-line tool, which runs AppleScript and JavaScript.

After the initial password is entered, the malware prompts for a second password, specifically targeting the Ethereum wallet MetaMask.

The rise of Cthulhu Stealer and other similar threats, like the AMOS malware that clones Ledger Live software, has prompted Apple to take action.

The tech giant recently announced updates to its macOS, making it more difficult for users to bypass Gatekeeper protections that ensure only trusted applications are run.