Hackers Find Way of Hiding Viruses in GPU Memory
Mike Sanders / 2 years ago
Generally speaking, as long as the user isn’t too irresponsible (downloading more RAM, etc.), anti-virus programs are pretty decent at detecting any potential malware or virus’ lurking on systems. In terms of how they work, however, there is one area of memory that is largely ignored by the vast majority of programs (I’d say all, but I wouldn’t like to guarantee that), and that is your graphics cards VRAM.
Following a report via Videocardz, however, a hacker is looking to sell software that they claim can successfully place itself onto GPU memory, meaning that it would, pretty much, be entirely undetectable.
GPU Memory – The New Home of Malware?
We should start by noting that the concept of installing malware or virus’ onto graphics card memory isn’t new. To date, however, it has largely been an area mostly unexplored by the hacking community. Largely, I suspect, because it has been considered too difficult and/or impractical. However, a Russian user is claiming that not only have they designed a new piece of malware that can successfully do this, but that it utilises a brand new (and seemingly unknown) methodology that works on both AMD and Nvidia GPUs.
Currently offering it for sale, presumably to the highest bidder, while some might dismiss this claim, the person has said that they will publish proof of this working within the next few days!
What’s the Worry?…
While we’re not going to be alarmist and suggest that this is going to represent a huge problem for dedicated GPU users (because if you’re sensible with your online activities, it 99.9% probably isn’t), it should be noted that one of the key aspects of concern with this design is that, at least to my knowledge, no current mainstream anti-virus program actively scans graphics card VRAM. While we suspect that they will, with this news, now start investigating the possibility of doing this, it leaves a void period where a vulnerability might exist in GPUs that users can literally do nothing about.
On the whole, though, it’s probably safe to say that you shouldn’t worry too much about this. On the other hand, though, let’s also keep our fingers crossed that this is either a hoax or that it can be fixed relatively quickly!
What do you think? – Let us know in the comments!