Hackers Have Started Exploiting Spectre and Meltdown Security Flaws

scroll down

Hackers Have Started Exploiting Spectre and Meltdown Security Flaws

Specter and Meltdown security flaws have put potentially millions of devices across the world at risk and it was only a matter of time before hackers started to exploit the Spectre and Meltdown Security flaws as security researchers have found 130 malware trying to exploit these security flaws.

According to researchers, these discovered malware samples are still in testing, however, it is only a matter of time before we hear about a successful attempt.

Fortinet is the security form tracking these malware samples trying to exploit Spectre and Meltdown security flaws. According to the firm, the hackers have become quite aggressive trying to exploit these flaws and it has become imperative to patch these exploits before these attackers are successful.

“The rate at which the cybercriminal community is targeting known vulnerabilities is clearly accelerating, with the WannaCry and NotPetya exploits serving as perfect examples of the need to patch vulnerable systems as soon as possible

Which is why our concerns were raised when we recently learned about some of the largest vulnerabilities ever reported – ones that affect virtually every processor developed since 1995 by chip manufacturers Intel, AMD, and ARM.”

Fortinet is not the only firm to report such malware targeting Spectre and Meltdown security flaws in systems. According to researchers at AV-Test, they have found 119 malware samples looking to exploit these security flaws just between January 7 and 22. According to the firm, this number increased to 139 in the past week. According to CEO Andreas Marx:

Most appear to be recompiled/extended versions of the PoCs – interestingly, for various platforms like Windows, Linux and MacOS. We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.

It is important to note that these malware samples are still in testing and there have been no reports about any of them being successful. However, Intel, Microsoft and other Chip and OS developers need to patch these flaws quickly before someone is successful exploiting it.

Furthermore, Intel has promised that it will bring the Spectre Hardware fix for its chips by the end of 2018. Intel revealed that the company is working on a hardware fix for its next line of processors that will be available in 2019. According to CEO, the company plans ‘in-silicon” fixes by the end of the year.

What is your take on the situation? Do you think Intel or Microsoft or any other firm will be able to patch these security flaws? Let us know in the comments.

Source: WCCFTech