Trusted

Hackers Could Steal Your Crypto Keys Due to an Unpatchable Intel Flaw

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram
This Tuesday, security researchers revealed the existence of a new flaw that could allow cybercriminals and hackers to steal sensitive digital secrets from Intel’s SGX.
Intel’s SGX (Software Guard eXtension) acts as a digital vault for the users’ private information, and it appears that this newly-discovered flaw is unfixable.

A New Wave of Exploits and Hacks

CPU makers have been fighting against all kinds of vulnerabilities and exploits that could lead to password theft and leaks of other sensitive data for a long time now. On the surface, this Load Value Injection (LVI) — the name researchers chose for the proof-of-concept attacks — works similarly to some of the previous vulnerabilities. All of the flaws of this type seem to originate from something called ‘speculative execution’ — an optimization that allows the CPU to try and predict future instructions. The vulnerability gave way to exploits such as Spectre and Meltdown, which were the first to become public. However, it did not end there. cyber security blockchain Soon enough, a wave of new exploits had followed, such as RIDL, ZombieLoad, Foreshadow, Fallout, and more. Basically, hackers can exploit a side channel that reveals sensitive information by running JavaScript stored on malicious sites or code in a malicious app.

How Does the New Flaw Work?

Now, this latest flaw gives way to exploits that upend SGX’s confidentiality guarantee completely. The LVI allows attackers to steal secrets from the SGX enclave, which may include passwords, encryption keys, cryptocurrency private keys, and more. There is an entire list of affected processors that Intel has created, and it can be viewed here. Fortunately, chips that already have hardware fixes for exploits such as Meltdown are not vulnerable. However, researchers say that this LVI is harder to mitigate than previous exploits since it can affect any access to memory. It is also noteworthy that it reverses the exploitation process of Meltdown, and it turns the flow around by injecting data that poisons hidden processor buffers. The method mostly works against Intel CPUs, but it is not limited to these chips, and ARM chips can be affected as well, even though researchers still do not know why.
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

photo_Ali_Raza_circle.jpg
Ali is a journalist with experience in web journalism and marketing. Ali holds a Master's Degree in Finance and enjoys writing about cryptocurrencies and fintech. His work has been published on a number of cryptocurrency publications.
READ FULL BIO
Sponsored
Sponsored