It’s Happening – Attackers Start Testing Malware Exploiting Spectre and Meltdown Flaws

Jan 31

The details of the Spectre and Meltdown bugs have been public for a few weeks now, and barely any devices are patched against these security disasters. Security researchers now report having discovered over 130 malware samples that specifically try to exploit these recently discovered and patched vulnerabilities. The samples are mostly in the testing phase, but successful attacks in the wild are expected to begin soon.

Fortinet reported that it is tracking malware samples exploiting the vulnerabilities, most of which are based on the available proof of concept. “The rate at which the cybercriminal community is targeting known vulnerabilities is clearly accelerating, with the WannaCry and NotPetya exploits serving as perfect examples of the need to patch vulnerable systems as soon as possible,” the company wrote. “Which is why our concerns were raised when we recently learned about some of the largest vulnerabilities ever reported – ones that affect virtually every processor developed since 1995 by chip manufacturers Intel, AMD, and ARM.”


Researchers at AV-Test also reported seeing 119 new samples focused on these vulnerabilities between January 7 and January 22. In the past week, that number reached 139. “Most appear to be recompiled/extended versions of the PoCs – interestingly, for various platforms like Windows, Linux and MacOS,” Andreas Marx, CEO of AV-Test, told SecurityWeek. “We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.”

It should be noted that the currently available samples are still in the testing phase, as attackers are actively looking into ways to exploit these flaws to extract data from affected systems. The vulnerabilities could enable attackers to bypass memory isolation mechanisms and access everything, including sensitive data like passwords.

While software companies and chip makers are scrambling to release updates that don’t break systems, Marx also advises users to switch off computers and close web browsers when not needed, which “should decrease your attack surface a lot.”
