New iLeakage Attack Stealing iPhone and Mac Emails and Passwords - How to Stay Safe

If you thought iPhones and Macs were safe from hackers, they are not. Academic researchers have developed a new attack method that can steal sensitive data from anyone using Safari on an Apple device.

As reported by BleepingComputer, this new side-channel attack was named iLeakage by a team of researchers from Georgia Tech, the University of Michigan, and Ruhr University Bochum. Launching this attack on a vulnerable Apple device could steal emails, passwords, and other sensitive data from Safari. However, the attack also works on Firefox, Tor, and Edge on iOS.

What is particularly worrisome about iLeakage is that it affects not only the best MacBooks using Apple Silicon, but also the best iPhones. This means that the M1, M2, and even new Macs with Apple's upcoming M3 chip could be affected.

iLeakage was developed by academic researchers and shares many similarities with the 2018 Spectre attack affecting Intel CPUs. It has not yet been used by hackers in their attacks. However, now that Apple Silicon has been found to be vulnerable to this type of attack, hackers may develop their own implementations of iLeakage or create similar attack methods in the future.

Because iLeakage is a novel attack technique, it is quite complex, and you can see all the details in this research paper (PDF) written by the team that developed it.

Essentially, the attack works by forcing Safari to render arbitrary web pages and then using speculative execution to recover sensitive information within them. The researchers were able to do this by overcoming side-channel protections implemented by Apple in Safari, such as low-resolution timers, compressed 35-bit addressing, and value poisoning.

They also used speculative disruption to bypass these limitations, which allowed them to leak emails, passwords, and other sensitive data from targeted pages. In a series of YouTube videos (Demo 1, Demo 2, Demo 3), the researchers showed how they were able to use LastPass to steal Gmail messages as well as retrieve passwords from an Instagram test account that was auto-filled in Safari.

From here, they went a step further and demonstrated that the iLeakage attack also works on Chrome for iOS. This is possible because Apple's policy requires all third-party browsers for iOS to be overlays that run on top of Safari and use its JavaScript engine.

Apple has not yet officially commented on these new iLeakage attacks, but in an email to Tom's Guide, an Apple spokesperson clarified that the company is aware of this issue and that it will be addressed in the next scheduled software release.

All Apple devices released after 2020 that use the company's A-Series or M-Series ARM processors will be affected by iLeakage. The attack is essentially undetectable because it leaves no traces on the victim's device.

Fortunately, the researchers behind iLeakage privately disclosed this new attack to Apple last September, and the company has developed a mitigation for macOS. Notably, the researchers say that the attack is difficult to execute because it requires advanced knowledge of browser-based side-channel attacks and of Safari's implementation. Nevertheless, if you are concerned, here are some measures you can take to keep your Mac safe if you are using macOS Ventura 13.0 or later.

To start, open Terminal on your Mac and run "defaults write com.apple.Safari IncludeInternalDebugMenu 1" to enable Safari's hidden debug menu. Now when you open Safari, you will see the debug menu, which you can use to open the "WebKit Internal Features" setting. When scrolling through this menu, you must enable "Swap Processes on Cross-Site Window Open." This will protect you, but may cause stability issues on your Mac. For this reason, you may want to hold off on dealing with iLeakage and wait until Apple officially addresses it in the next major software update.
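The Terminal step above as a small script, added here as an example and not taken from the article or from Apple: it checks the macOS version against the 13.0 minimum, writes the setting, reads it back to confirm it took effect, and can remove it again if Safari becomes unstable. The function names are made up for this example; `sw_vers` and `defaults read`/`defaults delete` are standard macOS commands the article does not mention.

```shell
#!/bin/sh
# Added example: apply, verify and revert the Safari debug-menu setting
# described in the article. Run as: script.sh enable | revert
DOMAIN="com.apple.Safari"
KEY="IncludeInternalDebugMenu"
MIN_MACOS="13.0"   # the article's steps target macOS Ventura 13.0 or later

# version_at_least HAVE WANT: succeeds when HAVE >= WANT (major.minor, numeric).
version_at_least() {
    have_major=${1%%.*}; want_major=${2%%.*}
    case $1 in *.*) have_rest=${1#*.} ;; *) have_rest=0 ;; esac
    case $2 in *.*) want_rest=${2#*.} ;; *) want_rest=0 ;; esac
    have_minor=${have_rest%%.*}; want_minor=${want_rest%%.*}
    if [ "$have_major" -gt "$want_major" ]; then return 0; fi
    if [ "$have_major" -lt "$want_major" ]; then return 1; fi
    [ "$have_minor" -ge "$want_minor" ]
}

enable_debug_menu() {
    os=$(sw_vers -productVersion) || return 1
    if ! version_at_least "$os" "$MIN_MACOS"; then
        echo "macOS $os is older than $MIN_MACOS; these steps do not apply" >&2
        return 1
    fi
    # Assumption to check on your system: on recent macOS this write can fail
    # unless the terminal app has been granted Full Disk Access.
    defaults write "$DOMAIN" "$KEY" 1 || return 1
    # Read the value back so a silently rejected write is not mistaken for success.
    [ "$(defaults read "$DOMAIN" "$KEY" 2>/dev/null)" = "1" ]
}

# Removes the key again, hiding the debug menu (for the stability caveat above).
revert_debug_menu() {
    defaults delete "$DOMAIN" "$KEY"
}

case "${1:-}" in
    enable)
        enable_debug_menu &&
            echo "Restart Safari, then enable 'Swap Processes on Cross-Site Window Open' under WebKit Internal Features." ;;
    revert)
        revert_debug_menu && echo "Debug menu setting removed." ;;
esac
```

The script only exposes the debug menu; the "Swap Processes on Cross-Site Window Open" toggle itself still has to be switched on by hand in Safari.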

To protect your Mac from malware and other viruses, you should also consider installing the best Mac antivirus software. Similarly, Intego Mac Internet Security X9 and Intego Mac Premium Bundle X9 can scan iPhones and iPads for malware, but they require a USB cable to connect to your Mac to do so.

Unlike zero-day flaws that hackers often use in their attacks, iLeakage is a proof-of-concept showing that Apple Silicon is as vulnerable to side-channel attacks as processors from Intel, AMD, and other chipmakers. We may learn more in the future, but it won't happen until the iLeakage fix is rolled out, and even then, Apple tends to keep things close to the chest regarding vulnerabilities and new attack methods.
