139 Malware Samples Exploiting Spectre and Meltdown Discovered

Meltdown, Spectre exploits found in the wild

Just when you thought it was done, it returns again: a spectre in the corner of your eye.

Researchers have discovered 139 malware samples designed to take advantage of the Spectre and Meltdown microprocessor flaws, which were revealed to the public in the first weeks of this year. So far, the samples discovered appear to be in their infancy: proof-of-concept code that is not yet functional. Researchers express dismay, however, as the obvious intention is to discover and utilize a functional exploit. This could spell disaster for enterprises and users around the world.

According to a report by NetworkWorld, anti-malware tester AV-TEST has observed an uptick in Spectre and Meltdown exploit samples; on January 17, it noted only 77 such samples. The first such code appeared almost immediately after the Spectre and Meltdown flaws were first reported. The majority of the samples use JavaScript as their infection vector, a sensible approach from the attackers' perspective, since Apple and Microsoft have already deployed patches for their users.

Spectre and Meltdown patches, however, have encountered their own host of issues. Intel, one of the largest microprocessor manufacturers, had to ask users to stop deploying its patches due to complaints of blue-screen-of-death crashes and unacceptable slowdowns of up to 25%. There has also been some controversy about the manner in which the flaws were announced, especially concerning when the public was informed, as well as allegations of insider trading.

Spectre and Meltdown allow attackers to abuse the speculative execution features built into modern microprocessors to read data they should not be able to access, including passwords. Because nearly every endpoint and server relies on an affected microprocessor, virtually every system is exposed to potentially significant data breaches.

Until recently, there was no evidence of a Spectre or Meltdown exploit in the wild. However, with each passing day, the possibility of such an attack increases. Some researchers are convinced that, because these are inherent hardware flaws, the only true solution is a complete hardware replacement; this would constitute an unimaginable expense for both manufacturers and users.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.