CZ Warns Crypto Community of macOS and iPhone Exploit Targeting Users
Changpeng “CZ” Zhao, co-founder and former CEO of Binance, has sounded the alarm over a critical vulnerability exploit targeting Apple’s macOS and iPhone users.
Attackers have actively used thezero-day exploitto compromise devices, specifically targeting Intel-based Macs, posing a serious threat to security-conscious users, particularly those in the cryptocurrency space.
CZ’s warning on Nov. 19 urged immediate updates to prevent potential breaches.
According toSecurityWeek, the vulnerabilities tracked as CVE-2024-44308 and CVE-2024-44309 were discovered by Google’s Threat Analysis Group (TAG), known for monitoring state-backed cyber threats.
These flaws enable malicious actors to execute unauthorized code and launch cross-site scripting attacks through compromised web content. Apple has since issued urgent patches, which are still being worked on.
CZ Hints at Crypto Exploit: Why are macOS and iPhone Users Constantly Targeted?
The vulnerabilities impact critical components of Apple’s software architecture, with far-reaching implications for system security.
CVE-2024-44308 exploits the JavaScriptCore engine in macOS, allowing attackers to execute arbitrary code by processing specially crafted web content.
This means malicious actors can potentially take control of a user’s device without their knowledge, creating opportunities for unauthorized data access, malware injection, or deeper system compromise.
Similarly, CVE-2024-44309 targets Apple’s WebKit browser engine, which powers Safari and other web-based applications.
This vulnerability facilitates cross-site scripting attacks, a technique where hackers inject malicious scripts into legitimate websites or apps.
Once executed, these scripts can steal sensitive data, hijack user sessions, or redirect victims to phishing sites.
Apple addressed these vulnerabilities by implementing improved state management and rigorous checks within its latest software updates.
The company has released patches for macOS Sequoia 15.1.1, iOS 18.1.1, and iOS 17.7.2 and urges all users to update immediately.
While Apple has remained tight-lipped about the specifics of the attacks, Google TAG’s discovery indicates the potential involvement of advanced threat actors, possibly linked to state-sponsored campaigns, likeLazarus North Korean Hackers.
Last month, Kasperskyrevealeda sophisticated cyberattack by the North Korean Lazarus Group, which targeted cryptocurrency investors through a fake blockchain-based game.
It exploited a zero-day vulnerability in Google Chrome’s V8 JavaScript engine. The group installed spyware to steal wallet credentials, leveraging advanced techniques like generative AI and social engineering.
Implications for the Crypto Ecosystem: How Bad Can it Be?
As custodians of digital assets, crypto users are frequent targets of sophisticated cyberattacks.
Exploits like these can be weaponized to extract private keys, steal wallet credentials, or compromise browser extensions for crypto transactions.
Recent history has highlighted the risks. Earlier this year, North Korean hackers launched a campaign targeting LinkedIn users by impersonating key companies and personnel.
Similarly, they launched a new one in September this year targeting browser extensions and video conferencing applications.
The financial stakes are immense. Hackers exploiting zero-day vulnerabilities can intercept transactions, access stored cryptocurrencies, or even install keyloggers to monitor future activities.
Moreover, Apple users, often perceived as insulated from threats due to the company’s strong security reputation, are now constantly targeted.
On April 15 this year, Trust Walletdisclosedthat it had received credible intelligence regarding a high-risk zero-day exploit targeting iOS users. This exploit could potentially allow hackers unauthorized access to personal data.
The exploit, reportedly sold on the Dark Web for $2 million, leverages vulnerabilities in iMessage. Apple teams quickly saw to that as well before it escalated.