Apple’s latest iPhone 17 introduces a new layer of defense for crypto users with hardware-level memory protections that aim to prevent common attack vectors used to hijack signing operations.
At the core of this upgrade is Memory Integrity Enforcement (MIE), a feature enabled by default that uses Enhanced Memory Tagging Extension (EMTE)-style memory tagging to detect and block dangerous memory access types like out-of-bounds and use-after-free errors.
According to cybersecurity firm Hacken, the new MIE system “meaningfully” reduces the risk of attackers using memory-corruption zero-days to take control of signing code. “It’s a real plus for crypto users, especially high-net-worth or frequent signers,” Hacken told Cointelegraph.
These vulnerabilities reportedly account for nearly 70% of software flaws and are often exploited in zero-day attacks targeting wallets and Passkey approvals.
Related: Apple patches zero-click exploit threatening crypto users
Apple boosts iPhone 17 defenses
Hacken explained that MIE actively detects and blocks dangerous memory access patterns like out-of-bounds and use-after-free errors, preventing many common exploit chains. It’s always-on across both kernel and user-level processes, making spyware development more difficult and expensive.
“It raises the bar for attackers and makes targeted spyware/exploit development much harder and more expensive,” Hacken said. “That directly benefits wallet apps and Passkey flows that rely on in-process operations,” the blockchain security firm added.
However, MIE is not a silver bullet. It does not protect against phishing, social engineering, malicious web content, or compromised apps. Furthermore, it does not replace secure hardware wallets or eliminate the need for user vigilance.
“Security improvements reduce overall risk but don’t make devices invulnerable,” Hacken said, asking users to be vigilant and expect new vulnerabilities.
Related: Apple eyes generative AI to speed up custom chip design: Report
Apple crypto users face security threats
Apple’s crypto users have been facing serious security threats. Last month, it was revealed that a zero-click vulnerability allows attackers to compromise iPhones, iPads and Macs without user interaction. Apple released security patches across multiple OS versions to fix the flaw.
Earlier this year, Kaspersky warned that malicious software development kits used in apps on Google’s Play Store and Apple’s App Store are scanning users’ photo galleries for crypto wallet recovery phrases.
Last year, Trust Wallet also warned Apple users to disable iMessage due to “credible intel” of a high-risk zero-day exploit circulating on the Dark Web that could let hackers take control of iPhones without user interaction.
Magazine: Can Robinhood or Kraken’s tokenized stocks ever be truly decentralized?
