CZ Warns Crypto Community of macOS and iPhone Exploit Targeting Users

Journalist

Hassan Shittu

Journalist

Hassan Shittu

About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Author Profile

Share

Copied

Last updated: 

November 21, 2024

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Changpeng “CZ” Zhao, co-founder and former CEO of Binance, has sounded the alarm over a critical vulnerability exploit targeting Apple’s macOS and iPhone users.

Attackers have actively used the zero-day exploit to compromise devices, specifically targeting Intel-based Macs, posing a serious threat to security-conscious users, particularly those in the cryptocurrency space.

CZ’s warning on Nov. 19 urged immediate updates to prevent potential breaches.

According to SecurityWeek, the vulnerabilities tracked as CVE-2024-44308 and CVE-2024-44309 were discovered by Google’s Threat Analysis Group (TAG), known for monitoring state-backed cyber threats.

These flaws enable malicious actors to execute unauthorized code and launch cross-site scripting attacks through compromised web content. Apple has since issued urgent patches, which are still being worked on.

CZ Hints at Crypto Exploit: Why are macOS and iPhone Users Constantly Targeted?

The vulnerabilities impact critical components of Apple’s software architecture, with far-reaching implications for system security.

CVE-2024-44308 exploits the JavaScriptCore engine in macOS, allowing attackers to execute arbitrary code by processing specially crafted web content.

This means malicious actors can potentially take control of a user’s device without their knowledge, creating opportunities for unauthorized data access, malware injection, or deeper system compromise.

Similarly, CVE-2024-44309 targets Apple’s WebKit browser engine, which powers Safari and other web-based applications.

This vulnerability facilitates cross-site scripting attacks, a technique where hackers inject malicious scripts into legitimate websites or apps.

Once executed, these scripts can steal sensitive data, hijack user sessions, or redirect victims to phishing sites.

Apple addressed these vulnerabilities by implementing improved state management and rigorous checks within its latest software updates.

The company has released patches for macOS Sequoia 15.1.1, iOS 18.1.1, and iOS 17.7.2 and urges all users to update immediately.

While Apple has remained tight-lipped about the specifics of the attacks, Google TAG’s discovery indicates the potential involvement of advanced threat actors, possibly linked to state-sponsored campaigns, like Lazarus North Korean Hackers.

Last month, Kaspersky revealed a sophisticated cyberattack by the North Korean Lazarus Group, which targeted cryptocurrency investors through a fake blockchain-based game.

It exploited a zero-day vulnerability in Google Chrome’s V8 JavaScript engine. The group installed spyware to steal wallet credentials, leveraging advanced techniques like generative AI and social engineering.

Implications for the Crypto Ecosystem: How Bad Can it Be?

As custodians of digital assets, crypto users are frequent targets of sophisticated cyberattacks.

Exploits like these can be weaponized to extract private keys, steal wallet credentials, or compromise browser extensions for crypto transactions.

Recent history has highlighted the risks. Earlier this year, North Korean hackers launched a campaign targeting LinkedIn users by impersonating key companies and personnel.

Similarly, they launched a new one in September this year targeting browser extensions and video conferencing applications.

The financial stakes are immense. Hackers exploiting zero-day vulnerabilities can intercept transactions, access stored cryptocurrencies, or even install keyloggers to monitor future activities.

Moreover, Apple users, often perceived as insulated from threats due to the company’s strong security reputation, are now constantly targeted.

On April 15 this year, Trust Wallet disclosed that it had received credible intelligence regarding a high-risk zero-day exploit targeting iOS users. This exploit could potentially allow hackers unauthorized access to personal data.

The exploit, reportedly sold on the Dark Web for $2 million, leverages vulnerabilities in iMessage. Apple teams quickly saw to that as well before it escalated.