139 Malware Samples Identified that Exploit Meltdown & Spectre Flaws

February 2nd, 2018, by Waqas

Hackers could be close to developing malware that exploits flaws, suggests a German cybersecurity firm.

AV-Test, an independent German antivirus testing and security software company, has identified nearly 139 malware samples that most probably indicate growing interest among cybercriminals in exploiting the recently discovered CPU bugs Meltdown and Spectre.

The majority of these samples are based on existing proof-of-concept code from numerous security experts, but it is concerning that the number of unique samples has increased considerably over the past few weeks. The number of samples collected by AV-Test on January 7th was rather low, but by January 21st the company had collected a hundred samples, and by the end of January the total count had reached 139.

AV-Test wrote on Twitter that the 139 samples discovered by its researchers “appear to be related to recently reported CPU vulnerabilities. CVE-2017-5715, CVE-2017-5753, CVE-2017-5754,” and posted SHA-256 hashes of some of the samples.

#Spectre & #Meltdown: So far, the AV-TEST Institute discovered 77 samples which appear to be related to recently reported CPU vulnerabilities. #CVE-2017-5715 #CVE-2017-5753 #CVE-2017-5754 pic.twitter.com/J7LvweJCTP

— AV-TEST GmbH (@avtestorg) January 17, 2018

Google exposed the Meltdown and Spectre flaws on January 3rd, 2018, and since then OS developers, chip makers, and browser creators have been trying to release patches to mitigate the three different types of speculative side-channel attacks, which are believed to affect browsers that support WebAssembly and JavaScript.

When releasing its patches, Apple stated that Spectre attacks are quite difficult to exploit even if the infected app runs locally on a macOS or iOS device; but if the browser runs JavaScript, the attacks are very much exploitable, and a successful attack will leak all kinds of sensitive data, including passwords.

According to AV-Test CEO Andreas Marx, each of the samples can use one of the three attacks, but where the files contain “problematic program codes”, it is impossible to confirm that all of them can exploit the vulnerabilities successfully. Marx stated that it would not be surprising to see the first targeted attacks or widespread use of such malware, but he also explained that such attacks will happen only if threat actors find the Spectre and Meltdown vulnerabilities easy to exploit, as they are currently focusing more on ransomware and cryptojacking.

“Due to the extremely high number of affected computers/systems and the complexity to ‘fix’ the Spectre-Meltdown vulnerabilities, I’m sure that the malware writers are just looking for the best ways to extract information from computers and especially browsers,” stated Marx.

Marx also believes that malware developers are currently in a research phase in which they are trying to identify ways to exploit Meltdown and Spectre, because most of the samples are either recompiled or extended versions of the proof-of-concepts.

“Interestingly, for various platforms like Windows, Linux and MacOS. Besides this, we also found the first JavaScript POC codes for web browsers like Internet Explorer, Chrome or FireFox in our database now,” wrote Marx.

On Tuesday, Fortinet’s FortiGuard Labs published a report after assessing these samples and expressed its concerns about the potential of Meltdown and Spectre malware to target enterprises and users. The company concluded that 83% of these samples were proof-of-concept based, while the remaining 17% were not publicly shared, probably because they were under NDA.

Fortinet has released various antivirus signatures to defend users against those samples, but it would be difficult to detect other exploits related to these chip vulnerabilities, and patch issues have further complicated the situation.

To mitigate the threat Marx suggests that if the PC is not in use for over an hour then it is a wise idea to switch it off and always close the browser while going out on lunch break because it will minimize the attack surface to a great extent and also prevent loss of energy.
