Get yourself a crypto tee or surprise a crypto enthusiast in your life with our festive Coin Bureau Merch!
Intel CPU Vulnerability Cryptocurrency
5 min read

The Intel CPU Vulnerability that has the Crypto Community Worried

By Editorial Team

When it comes to vulnerabilities that can affect cryptocurrency users, most think about exchange hacks, malware infections and wallet vulnerabilities. However, there is one vulnerability that has escaped scrutiny despite the wide implications.

The vulnerability is a hardware issue that effects Intel CPUs which are the brains of every computer / server. Intel is also the foremost CPU maker in the world and as such, the vulnerability could be quite broad.

For example, there is a large chance that right now your PC is running an Intel chip. But how does this really effect those in the cryptocurrency community?

Specifics of the Vulnerability

The vulnerability is termed a “zero day” vulnerability which means that it is one that has existed since the release of these particular chips. While there have been no reports of it being used before, there is no way of really knowing if it has.

The flaw itself effects the Kernel of the operating system. This is essentially the “brain” of the OS and facilitates some of the most fundamental processes. In this case, there appears to be a memory leak from the Kernel.

This memory leak can be catastrophic as it allows malicious actors to access data from the memory in the kernel. Hence, some local exploit like Malware could theoretically extract sensitive information such as private keys and passwords.

What makes this much worse is that the vulnerability is a hardware issue and there is no easy fix. It would be a logistical impossibility to replace all of the vulnerable chips. Hence, it would have to be a software patch.

Given how quickly Microsoft and Linux have rolled out patches to the exploit, one can only assume that they also view the vulnerability as particularly severe.

How it Could Affect Crypto

There are three places in which this vulnerability could affect those in the cryptocurrency space. It could affect users, exchanges and those who mine cryptocurrency.

Users

There are some theoretical risks that the user could face from this vulnerability. The vulnerability could allow malware or malicious scripts in another program or process to access sensitive kernel memory areas and extract it.

For example, if a hacker was able to execute some malicious JavaScript code in your browser, it could try and read access the kernel memory. If you have used your passwords or private keys in another browser session, the script could extract it.

While this may be worrying, it would still rely on the user visiting a questionable site that has malicious code on it.

Exchanges

Large exchanges with millions of dollars of cryptocurrency on their books have a lot more to worry about from this vulnerability. This is because for large server farms and data centres that operate virtual machines and cloud computing environments.

For example, Amazon EC2, Google Compute Engine and Microsoft Azure. Many exchanges make use of these services and as such could be exposed to the hardware flaws. Sensitive user information and private keys to hot wallets are some of the most exposed data.

This is something that the exchanges themselves are particularly aware of. In a blog post from the engineering team at Coinbase they explained the numerous security protocols they have in place to guard from any breaches. They said

Coinbase maintains an aggressive vulnerability management program. As rumors of this vulnerability emerged several days ago, we began preparing for a few different potential vulnerability types

Miners

While the large Bitcoin mining farms these days operate ASICs such as the Antminer or the Dragonmint, the vulnerability may to affect smaller CPU mining rigs.

The threat to the CPU miners is not so much from the exploit itself but from the patches. According to a tweet from the Register, these patches are likely to slow down performance by between 17%-23%.

This means that the patch could have some effect on the speed of the processing for the mining tasks. Hence the miners will either run the risk with the vulnerability, upgrade and accept impeded performance or buy new hardware.

However, there is also the possibility that miners are unlikely to feel much of the impact as the number crunching the processors do rely more on raw power than on the memory.

Lessons to Be Learned

In this case, the security issue lies with Intel. Thankfully they were able to identify it themselves and it has not come about as a result of a severe hack.

Users and exchanges could not have done anything to protect themselves prior to the vulnerability disclosure. The best response now would be to update your operating system and hope that the exchanges are taking the necessary security steps.

However, this once again demonstrates the importance of secure cold storage for all of your large cryptocurrency holdings. Cryptocurrency that is either stored on a piece of paper or in a hardware wallet cannot be exploited by your PC’s CPU.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Related Posts

FTX Exchange
Withdrawals not Halted at FTX: Instead Binance will Buy FTX
FTX Exchange

Withdrawals not Halted at FTX: Instead Binance will Buy FTX

November 9th, 2022 3 min read
crypto gifts
Top 10 Best Crypto Gifts in 2022
crypto gifts

Top 10 Best Crypto Gifts in 2022

December 2nd, 2022 25 min read
OKX invests in WAX
OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX
OKX invests in WAX

OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX

June 3, 2022 2 min read
Binance partners with the weekend
Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour
Binance partners with the weekend

Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour

June 3, 2022 2 min read
21Shares Releases Sixth State of Crypto Report
21Shares Releases Sixth State of Crypto Report: Summary
21Shares Releases Sixth State of Crypto Report

21Shares Releases Sixth State of Crypto Report: Summary

June 2, 2022 3 min read
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

June 2, 2022 2 min read
Regulators are “Not Allowing” Banks to Engage with Crypto
Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto
Regulators are “Not Allowing” Banks to Engage with Crypto

Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto

June 1, 2022 2 min read