Security Vulnerability in Apple’s M-Series Chips Puts Mac Users’ Crypto Private Keys at Risk

Apple Cybersecurity
Last updated:
Author
Author
Ruholamin Haqshanas
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Researchers have uncovered a significant security vulnerability in Apple’s M-series chips, raising concerns about the safety of crypto private keys stored on Mac computers. According to a recent report, the vulnerability, a side-channel exploit, allows malicious actors to extract encryption keys while the Apple chips are executing commonly used cryptographic protocols.Unlike typical vulnerabilities that can be addressed through software patches, this particular flaw resides in the microarchitectural design of the chips themselves, rendering it “unpatchable.” To mitigate the issue, third-party cryptographic software would need to be employed, but this could severely impact the performance of earlier M-series chips, including the M1 and M2.

Fundamental Weakness in Apple’s M-Series Chips Security Poses Threat to Crypto Holders

The findings shed light on a fundamental weakness in Apple’s hardware security infrastructure. Hackers can intercept and exploit memory access patterns to gain unauthorized access to sensitive information, including encryption keys utilized by cryptographic applications. The researchers have given this type of attack the name “GoFetch” exploit, which operates seamlessly within the user environment and requires standard user privileges like regular applications.Following the disclosure of this research, Mac users in online forums have expressed concerns and raised questions about the potential impact on password keychains. Some users believe that Apple will address the problem directly within its operating system, while others express greater worry if the company fails to do so. One user pointed out that Apple might already be aware of this flaw, speculating that the upcoming M3 chip includes an additional instruction to disable the vulnerable feature. They referred to previous research on the topic, known as “augury,” dating back to 2022.

Apple Faces DOJ Lawsuit

This discovery adds to the mounting challenges faced by Apple, including an ongoing antitrust lawsuit filed by the US Department of Justice (DOJ). The lawsuit alleges that Apple’s rules for the App Store and its alleged monopoly have stifled competition and innovation. The DOJ also claims that Apple has restricted access to competing digital wallets, which offer enhanced features, while preventing developers from offering their own payment services to users.Last year, a class-action lawsuit was filed against Apple, alleging that the tech giant has engaged in a conspiracy to limit peer-to-peer payment options on its devices and block the integration of crypto technology in iOS payment apps.The complaint claimed that Apple entered into anti-competitive agreements with popular payment platforms such as PayPal’s Venmo and Block’s Cash App. These agreements allegedly restrict the use of decentralized cryptocurrency technology in payment apps, resulting in inflated prices for users.Furthermore, Apple’s guidelines require app developers to share 30% of transaction revenues. This has been a barrier for crypto firms, including those facilitating the purchase of non-fungible tokens (NFTs), as they strive to provide services to iOS users.As reported, Apple has removed the Bitcoin-friendly social media app Damus from the App Store for violating its terms of service.The app has a tipping feature that allows content creators to receive tips in the form of Bitcoin through the Lightning Network. Apple deemed this feature a violation of its guidelines, as it prohibits developers from selling additional in-app content unless the transactions go through Apple, through which the tech giant takes a 30% cut.

More Articles

Bitcoin News
SEC Commissioner Hester Peirce Says Goodbye to Controversial Crypto Accounting Guidance SAB 121
Sujha Sundararajan
Sujha Sundararajan
2025-01-24 06:19:51
Blockchain News
South Korea’s Goyang City Seizes Crypto Worth Over $228,000 from Traffic Offenders
Tim Alper
Tim Alper
2025-01-24 05:26:17
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors