CZ warns crypto community of new exploit targeting macOS and iPhone users

Former Binance CEO Changpeng ‘CZ’ Zhao has warned the crypto community about a new exploit targeting Mac users powered by Intel chips that could expose the user’s digital assets.

Zhao highlighted the zero-day exploit on November 19, calling on Intel-based Mac users to patch their systems to prevent them from falling victim to ongoing exploits. The vulnerabilities, which also affect iPhones and iPads, were actively exploited on Mac systems, leading Apple to issue emergency fixes.

“If you are using a MacBook with an Intel-based chip, update as soon as possible!” Zhao wrote, warning the crypto community about potential risks to sensitive data.

Zero-day vulnerabilities are bugs that are discovered and exploited by hackers before a patch is released. Hence the name, as developers have “zero days” to fix the problem, leaving users vulnerable until updates are installed.

According to Apple’s post-mortem, the vulnerabilities tracked as CVE-2024-44308 and CVE-2024-44309 affect the JavaScriptCore and WebKit components of macOS Sequoia. Hackers can exploit this to conduct “cross-site scripting attacks” and secretly run malicious code.

Cross-site scripting attacks are a type of vulnerability where attackers inject malicious scripts into trusted websites or applications. These scripts run in the browser of the user visiting the compromised site, allowing attackers to hijack user sessions, redirect users to malicious sites, and steal sensitive information.

Crypto hackers have long exploited similar vulnerabilities in both Mac and Windows systems to steal wallet credentials, run phishing scams, or inject malware to capture private keys and digital assets.

The tech giant reported one of the vulnerabilities as a cookie management issue, which has since been resolved with “improved state management.” The other was also addressed with “enhanced controls”, the report said.

The vulnerabilities were first discovered by researchers at Google’s Threat Analysis Group, known for researching government-sponsored cyber attacks. As such, speculation has arisen regarding the potential involvement of state-sponsored actors.

Apple did not disclose any details about the extent of the damage, other than the fact that the vulnerabilities were “actively exploited.”

Apple users are at risk

Apple users have found themselves at risk multiple times this year alone, despite the company’s strong reputation for security. On November 12, North Korean hackers targeted macOS users with crypto-focused malware that could bypass Apple’s security measures on older systems.

In April, web3 wallet provider Trust Wallet issued a warning about another zero-day exploit in Apple’s iMessage framework that allowed attackers to infiltrate iPhones without any user interaction.

A month ago, researchers discovered a flaw in Apple’s M-series chips that could be exploited to extract cryptographic keys located in the CPU’s cache, leaving sensitive data vulnerable to risk.

Moreover, attackers have managed to infiltrate the App Store several times, despite Apple’s strict policies, to introduce malicious applications that imitate leading crypto exchanges, wallets and other fake platforms that hijack the user’s crypto assets.