CZ warns crypto community of new exploit targeting macOS and iPhone users
Former Binance CEO Changpeng ‘CZ’ Zhao has warned the crypto community about a new exploit targeting Mac users powered by Intel chips, which could potentially expose a user’s digital assets.
Zhao highlighted the zero-day exploit on Nov. 19, urging Intel-based Mac users to patch their systems to prevent falling victim to ongoing exploits. The vulnerabilities, which also impact iPhones and iPads, have been actively exploited on Mac systems, prompting Apple to release emergency fixes.
“If you use a MacBook with an Intel-based chip, Update asap!” Zhao wrote, cautioning the crypto community about potential risks to sensitive data.
Zero-day vulnerabilities are bugs discovered and exploited by hackers before a patch is available. Hence the name, as developers have “zero days” to address the issue, leaving users vulnerable until updates are installed.
According to a postmortem from Apple, the vulnerabilities, tracked as CVE-2024-44308 and CVE-2024-44309, affect the JavaScriptCore and WebKit components of macOS Sequoia. Hackers can leverage this to execute “cross-site scripting attacks” and stealthily run malicious code.
Cross-site scripting attacks are a type of security vulnerability where attackers inject malicious scripts into trusted websites or applications. These scripts run in the browser of a user visiting the compromised site, allowing attackers to hijack user sessions, redirect users to malicious sites, and steal sensitive information.
Crypto hackers have long exploited similar vulnerabilities across both Mac and Windows systems to steal wallet credentials, execute phishing scams, or inject malware to siphon private keys and digital assets.
The tech giant reported one of the vulnerabilities as a cookie management issue, which has since been resolved with “improved state management.” At the same time, the other was addressed with “improved checks,” the report added.
The vulnerabilities were first discovered by researchers at Google’s Threat Analysis Group, known for investigating government-backed cyberattacks. As such, speculations have emerged about the potential involvement of state-sponsored actors.
Apple hasn’t disclosed any details regarding the extent of the damage other than the fact that the vulnerabilities have been “actively exploited.”
Apple users at risk
Apple users, despite the company’s strong security reputation, have found themselves at risk on several occasions this year alone. On Nov. 12, North Korean hackers targeted macOS users with crypto-focused malware capable of evading Apple’s security measures on outdated systems.
In April, web3 wallet provider Trust Wallet issued a warning about another zero-day exploit in Apple’s iMessage framework, which allowed attackers to infiltrate iPhones without any user interaction.
A month before, researchers discovered a flaw in Apple’s M-series chips that could be exploited to extract cryptographic keys residing in the CPU’s cache, leaving sensitive data susceptible to compromise.
Further, attackers have also managed to infiltrate the App Store several times, despite Apple’s stringent policies, to promote malicious apps that impersonate prominent crypto exchanges, wallets, and other fraudulent platforms that siphon a user’s crypto assets.