Fresh Security Vulnerabilities Create Worry for Crypto Users Using Apple Devices

Security is an important topic for everyone in the digital space, especially crypto users. This is why Apple’s acceptance of a security loophole that places users at risk of exploitation is a major concern for crypto users. Apple’s statement revealed that the loophole offers hackers the opportunity to run remote malicious codes. According to the disclosure, when this code is run through web-based Javascript, an attack vector can be activated to steal crypto assets of users. 

Providing an immediate solution to the vulnerability, Apple advised users of iPhones and iPads to ensure that the latest models of the company’s WebKit software and JavaScriptCore are deployed to patch the security flaw. 

The vulnerability was initially uncovered by a team of threat analysis researchers working at Google. The team discovered a bug that provides an environment for maliciously designed web content to run. When this happens, a user’s device is open to “cross-site scripting attacks.” However, the development became more worrisome when the Apple company confirmed that the team’s findings were true. Apple stated that it knew about the bug and that there are possibilities of the security flaw already being taken advantage of on Mac systems that use Intel processors. With Apple expressing awareness that a feature exploitation on their devices exposes users to attacks when they visit malicious sites, the company confirms that a software update will fix the bug. 

A co-founder of Trugard, who doubles as the crypto company’s CTO, lent his voice to the development. Jeremiah O’Connor stated that sensitive details of users, such as their passwords and keys saved in their browsers, could be accessed by attackers. This access could lead to loss of crypto assets if the user’s device is not patched. 

News about this security flaw began making the rounds when the erstwhile CEO of Binance, Changpeng Zhao, made a tweet advising crypto users who have Macs with Intel processors to update their devices. While an update is a potential solution, ArsTechnica believes that a bug problem from a chip vulnerability cannot be resolved by updating software.