Wait for next wannacry? Malware ready to exploit Meltdown and Spectre!

Spectre and Meltdown 3/5 (1)

Security researchers have discovered more than 130 samples of malware trying to exploit the Spectre and Meltdown CPU vulnerabilities.

Researchers from German antivirus testing firm AV-TEST said that till yesterday they have detected 139 malware samples attempting to exploit the CPU vulnerabilities.

The firm has previously reported the discovery of 77 unique samples of Meltdown and Spectre malware on January 17 and which raised to 119 on Jan 23.

Most of the malware sample discovered are based on proof-of-concepts published online by the security researchers.

Researchers also said that they discovered the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox.

Researchers from Fortinet’s FortiGuard Lab said that they have analysed all the available samples of the malware and they have also updated their antivirus software to include protection against analysed malware samples.

“FortiGuard Labs has analyzed all of the publicly available samples, representing about 83 percent of all the samples that have been collected, and determined that they were all based on proof of concept code.  The other 17 percent may have not been shared publicly because they were either under NDA or were unavailable for reasons unknown to us.” said in the report published by Fortinet.

Earlier before two days, Microsoft has released an emergency patch which would disable the patch released by Intel.

The patch released was intended to secure devices from meltdown and spectre vulnerabilities but experts discovered that there is a chance it can cause accidental data damage to devices.



Please rate this content