8028266661?profile=original 

Security experts are observing a rising level of malware strains, which are trying out the Spectre and Meltdown vulnerabilities.

As reported by the researchers from Fortinet, AV-TEST, and Minerva, a number of crooks test the publicly available proof-of-concept (PoC) computer code for the Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754) vulnerabilities.

AV-TEST experts have identified 119 virus samples, which are linked to the above-mentioned chip vulnerabilities.

Virus samples discovered after the unleash of PoC code

First virus strains set off to getting identified on VirusTotal immediately after the researchers who discovered the Meltdown and Spectre vulnerabilities released their PoC code. Based on Fortinet report, the majority of these malware types contain the PoC code.

It is possible some IT experts investigate and play with the PoC code, but security researchers are confident a number of samples were created by cyber criminals trying to find ways to use the PoC code with malicious intentions.

The speed at which brand new strains emerge and get detected by VirusTotal, indicates more and more efforts are being placed into testing the POC code on daily basis.

Additionally, not all virus variants end up on VirusTotal. Professional virus writers may decide to avoid malware repositories in order to make antivirus firms stay blind to what kind of malware is being created.

Web Misuse Confirmed

Spectre and Meltdown are very serious flaws that once misused may provide hackers with the way to access a great deal of data from the kernel memory as well as from other applications.

Mozilla team has recently confirmed our most awful fears. Spectre can be remotely used by including malware code into ordinary\routine JavaScript files transferred via web-pages.

The most probable scenario that we are going to see is that these flaws get exploited by state actors and after that enter the exploit kits space and later the spam campaigns.

Votes: 0
E-mail me when people leave their comments –

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead