On Wednesday, the tech world was rocked by revelations of a computer chip vulnerability that exposes critical data. Meltdown and Spectre are the names assigned to the newly discovered flaws which primarily affect Intel chips. From a security perspective, the bug concerns everyone who uses an Intel-powered device to connect to the internet, which is pretty much everyone. But from a practical perspective, the bug is already making its presence felt: today Bittrex exchange was forced to take numerous wallets offline while Azure servers were patched.
A Bug in the System
Computer bugs and vulnerabilities are discovered all the time, but the Intel one is particularly nasty. It risks leaving passwords and other critical data exposed on billions of internet connected devices, from smartphones to PCs. While patches are being rushed out for the major operating systems, hackers are trying to find ways to exploit the vulnerability, which could provide them with complete system access. Spectre forces programs to leak confidential data, while Meltdown noses around in the system kernel for the same purpose.
Cryptocurrency holders, who already face a heightened threat from hackers, have good reason to be concerned. In addition to affecting personal computers, Spectre and Meltdown spell danger for cloud-based systems. Cloud computing providers store data from multiple clients on the same server. If that server were to be exploited, it would theoretically be possible for an attacker to access multiple accounts.
A Dark Cloud
Cryptocurrency exchanges, whose websites carry a heavy load, are reliant on the cloud. While the likes of Amazon have been rushing to patch their servers, exchanges have been affected by outages and reduced service. Earlier today, Bittrex tweeted:
Azure accelerated a planned reboot due to the public Intel disclosure. Wallets will be online again once they complete post reboot audits.
At present, withdrawals and deposits for around 30% of the coins traded on the exchange are unavailable.
Several other exchanges were temporarily taken offline, with some platforms specifically referencing the patch, and others simply referring to maintenance. Among those affected were Einstein Exchange, CEX.io, and Kucoin. Hardware wallet manufacturer Ledger also updated concerned customers on the situation, tweeting:
There is an added issue regarding the Intel bug: as a consequence of patching it, system performance will be reduced by as much as 30%. Cryptocurrency miners are unlikely to be badly affected, as the process doesn’t involve making a high number of kernel requests. But for anyone who prides themselves on running an overclocked PC with a high benchmark, the slowdown may be hard to stomach.
Are you concerned by the Intel bug and do you think cryptocurrency holders should be worried? Let us know in the comments section below.