The complex Meltdown and Spectre vulnerabilities are giving intense headaches to security researchers. Even though fixes for these flaws have been released, they were not bug-free and caused companies like Intel to halt their updates. As it could be expected, hackers are finally trying to take advantage of this frightening situation: file samples, exploiting Metldown and Spectre are being detected on a regular basis.
Spectre and Meltdown vulnerabilities inspire hackers to experiment
Spectre and Metldown were the two vulnerabilities that definitely got a lot of buzz.Manufacturers of processors revealed that basically all modern computers, servers, smart phones and other devices are in danger because of these two flaws. If exploited correctly, vulnerabilities could give hackers a chance of fully accessing everything that is stored in a device. This includes photos, text messages, camera, microphone and etc.
While there have been no actual attacks with this type of malware, but researchers are warning people that it is just a matter of time. Hackers have been experimenting with exploitation of Metldown and Spectre vulnerabilities ever since PoC codes were released. Crooks’ goal is to find a way to use the released codes for their advantage. As soon as they are ready for battle, hackers will not hesitate to threaten the cyber world with their masterpieces.
The number of malicious samples is increasing daily
Even though samples of malware based on Metldown and Spectre have been found, researchers have very little knowledge about the actual experiments that hackers are doing. Therefore, it is very easy for them to be blindsided with disturbing, highly-intimidating attacks. In total, specialists estimate that approximately 130 malware samples have been already detected, and the number is rapidly increasing daily.
For now, security researchers can do very little to protect people from losing their personal information. As we have mentioned, patches have been released, but none of them proved themselves to be appropriate. Announcing vulnerabilities to the public before they are actually fixed is a gamble. Companies rarely do this because they do not want to put their users in danger. However, now millions of people are facing the threat of becoming infected with malware inspired by Metldown and Spectre.
Since there is no way of guaranteeing that your device won’t become a victim, users should still follow a couple of recommendations. It is important to never download unknown software. Furthermore, protect operating systems with legitimate and credible anti-malware tools. While these attempts can protect you, it is difficult to predict the actual form of the upcoming malware.
Source: pcgamer.com.
