Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Dogecoin 
Toncoin 
Cardano 
TRON 
Avalanche 
Wrapped Bitcoin 
Shiba Inu 
Chainlink 
Polkadot 
Bitcoin Cash 
NEAR Protocol 
Uniswap 
LEO Token 
Litecoin 
Dai 
Pepe 
Wrapped eETH 
Polygon 
Internet Computer 
Kaspa 
Ethereum Classic 
Aptos 
Ethena USDe 
Artificial Superintelligence Alliance 
Stellar 
Monero 
Stacks 
Mantle 
Filecoin 
Render 
dogwifhat 
Injective 
Bittensor 
OKB 
Hedera 
Cronos 
Maker 
Immutable 
Arbitrum 
Cosmos Hub 
VeChain 
First Digital USD 
Arweave 
Bonk 
Sui 
Optimism 
The Graph 
Rocket Pool ETH 
Renzo Restaked ETH 
FLOKI 
Bitget Token 
THORChain 
Mantle Staked Ether 
Theta Network 
WhiteBIT Coin 
Aave 
Notcoin 
Jupiter 
Ondo 
JasmyCoin 
Pyth Network 
Lido DAO 
Fantom 
Brett 
Core 
Celestia 
Algorand 
Sei 
ether.fi Staked ETH 
Quant 
Flow 
Gate 
MANTRA 
Marinade Staked SOL 
KuCoin 
Beam 
MultiversX 
Popcat 
Bitcoin SV 
Axie Infinity 
Helium 
GALA 
Ethereum Name Service 
EOS 
BitTorrent 
Flare 
Tokenize Xchange 
NEO 
Kelp DAO Restaked ETH 
ORDI 
Akash Network 
dYdX 
Ethena 
Tezos 
The Sandbox 
Fasttoken 
eCash 
USDD 
cat in a dogs world 
Conflux 
Worldcoin 
Ronin 
Starknet 
NEXO 
SATS (Ordinals) 
Coinbase Wrapped Staked ETH 
Frax 
Decentraland 
Raydium 
Chiliz 
Frax Ether 
Pendle 
PayPal USD 
BOOK OF MEME 
Mina Protocol 
AIOZ Network 
Oasis Network 
Tether Gold 
Mog Coin 
ZKsync 
Synthetix Network 
IOTA 
Gnosis 
Nervos Network 
DeXe 
Swell Ethereum 
Klaytn 
ApeCoin 
Astar 
Wormhole 
LayerZero 
Aerodrome Finance 
Safe 
Livepeer 
Staked Frax Ether 
TrueUSD 
Axelar 
Zcash 
1inch 
XDC Network 
Terra Luna Classic 
Theta Fuel 
Kava 
PancakeSwap 
Bitcoin Gold 
Aevo 
Illuvium 
PAX Gold 
Trust Wallet 
APENFT 
DOG•GO•TO•THE•MOON (Runes) 
IoTeX 
WEMIX 
Turbo 
ConstitutionDAO 
USDB 
H2O Dao 
MX 
Jito 
Gravity 
Galxe 
WOO 
Stader ETHx 
Ether.fi 
SafePal 
Manta Network 
Venom 
Compound 
GMT 
Memecoin 
cETH 
Arkham 
SuperVerse 
Golem 
SingularityNET 
Rocket Pool 
Blur 
Kusama 
Dymension 
Aragon 
0x Protocol 
Avail 
Osmosis 
Zilliqa 
PONKE 
Beldex 
AltLayer 
Dash 
Echelon Prime 
CorgiAI 
Curve DAO 
Enjin Coin 
beincrypto.com 55 m
In a recent academic breakthrough, researchers have exposed a severe vulnerability within Apple’s M-series chips, primarily affecting the security of crypto assets.
This flaw, detailed in a publication by scholars from prestigious institutions, enables attackers to access secret keys during cryptographic operations.
How MacBooks Are Vulnerable to Crypto Hacks
The issue is deeply ingrained in the microarchitecture of Apple’s M1 and M2 chips. Consequently, a direct patch is impossible. Instead, mitigation requires adjustments in third-party cryptographic software, potentially compromising performance.
At the heart of this vulnerability is the data memory-dependent prefetcher (DMP) in these chips. This feature aims to predict and pre-load data, thus minimizing CPU and memory latency.
However, the DMP’s unique behavior can mistakenly interpret memory content as pointer addresses, leading to unintended data leakage through side channels.
Experts like Boru Chen from the University of Illinois Urbana-Champaign and Yingchen Wang from the University of Texas at Austin explain that attackers can exploit this prefetcher’s behavior. They achieve this by crafting inputs that the DMP erroneously recognizes as addresses, thus indirectly leaking encryption keys. This process is central to the newly identified GoFetch attack.
“Our key insight is that while the DMP only dereferences pointers, an attacker can craft program inputs so that when those inputs mix with cryptographic secrets, the resulting intermediate state can be engineered to look like a pointer if and only if the secret satisfies an attacker-chosen predicate,” the researchers explained.
Remarkably, GoFetch does not require root access to execute. It operates with standard user privileges on macOS systems.
The attack has proven effective against both conventional and quantum-resistant encryption methods, extracting keys within a timeframe that varies by cryptographic protocol.
Facing this threat, developers must navigate the complexity. They need to implement robust defenses that, while effective, could significantly slow down processor performance during cryptographic tasks.
One such mitigation tactic, ciphertext blinding, though potent, could require much more computational power, particularly affecting specific key exchanges.
This GoFetch vulnerability revelation is part of a broader context of increasing digital threats, especially for crypto holders. Recent disclosures have pointed to significant security gaps in iOS and macOS, exploited for crypto scams.
Institutions like the National Institute of Standards and Technology and cybersecurity experts have highlighted the vulnerabilities in widely used apps and operating systems, advocating for heightened user caution and prompt system updates.
