Malware Hidden In Our GPU’s Memory Can Cause Serious Harm!

TECH NEWS – The memory of the graphics card (GPU for short) can hide malicious code that even antivirus applications can’t recognize!

 

Bleeping Computer reports that cybercriminals have created malware that can hide in GPU memory, making it invisible to antivirus applications. The technique uses the GPU’s memory allocation space, and the code is executed from there. It relies on the OpenCL 2.0 API and, at the moment, is used on Windows operating systems. The code has worked on Intel (UHD 620, 630), Nvidia (GeForce GTX 1650, GT 740M), and AMD (Radeon RX 5700) GPUs. Since the tests succeeded on hardware from all three manufacturers, all modern GPUs could be affected. The technology came to light when a hacker tried to sell it on a forum…

The basics of this rootkit (so called because it is malicious and runs at such a low level that it cannot be identified) were conceptualized by a research group in 2015, which put a keylogger inside a GPU that could activate remote access trojans on Windows operating systems. However, this new technique is a more recent concept, not derivative of the 2015 creation. “Under normal conditions, executing code on the GPU requires a controlling process running on the host. The host process adds a task on the command queue, eventually fetched and executed by the GPU.

However, GPUs have a non-preemptive nature: once the execution of a task is initiated, the GPU is locked with the execution of that task, and no one else can use the GPU in the meanwhile. This is particularly problematic when the GPU is used for rendering and computation, as this could generate undesired effects such as an unresponsive user interface. Consequently, the graphic driver usually enforces a timeout to kill long-lasting kernels to ensure proper behaviour. This could represent a significant limitation for GPU malware because the malicious kernel needs to be sent over and over in a loop, making it easier to detect in system memory. The first anti-forensic technique consists in disabling the existing timeout to take complete control of the GPU. For instance, in Vasiliadis et al. (2014), the authors disabled the GPU hangcheck to lock the GPUs indefinitely,” Science Direct says.
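The quoted passage names two things a defender can watch for: the controlling host process and a disabled driver timeout. As an added example (not code from the article or its sources), the following triages constructed Sysmon-style events for both, assuming Windows, where the driver timeout is TDR (the `TdrLevel` and `TdrDelay` registry values). The allowlist, host names and delay threshold are assumptions.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Assumption: software expected to use GPU compute on this fleet.
EXPECTED_OPENCL_USERS = {"blender.exe", "photoshop.exe"}
TDR_VALUE = re.compile(r"\\Control\\GraphicsDrivers\\(TdrLevel|TdrDelay)$", re.I)
DWORD = re.compile(r"DWORD \(0x([0-9a-fA-F]{8})\)")
MAX_TDR_DELAY_S = 10  # assumed tolerance; the Windows default is 2 seconds

# Constructed sample events using Sysmon field names (ID 7 image load, ID 13 registry set).
GFX = r"HKLM\System\CurrentControlSet\Control\GraphicsDrivers"
OCL = r"C:\Windows\System32\OpenCL.dll"
SAMPLE_EVENTS = [
    {"Computer": "ws-01", "EventID": 7, "Image": r"C:\Program Files\Blender\blender.exe", "ImageLoaded": OCL},
    {"Computer": "ws-02", "EventID": 7, "Image": r"C:\Users\Public\updater.exe", "ImageLoaded": OCL},
    {"Computer": "ws-02", "EventID": 13, "TargetObject": GFX + r"\TdrLevel", "Details": "DWORD (0x00000000)"},
    {"Computer": "ws-03", "EventID": 13, "TargetObject": GFX + r"\TdrDelay", "Details": "DWORD (0x00000002)"},
]

def tdr_weakened(name, details):
    """TdrLevel 0 switches timeout detection off; a large TdrDelay stretches it."""
    m = DWORD.search(details)
    if not m:
        return False
    value = int(m.group(1), 16)
    return value == 0 if name.lower() == "tdrlevel" else value > MAX_TDR_DELAY_S

def triage(events):
    """Return (computer, finding, evidence) tuples for the two signals."""
    findings = []
    for ev in events:
        if ev["EventID"] == 7 and basename(ev["ImageLoaded"]).lower() == "opencl.dll":
            if basename(ev["Image"]).lower() not in EXPECTED_OPENCL_USERS:
                findings.append((ev["Computer"], "unexpected-opencl-host", ev["Image"]))
        elif ev["EventID"] == 13:
            m = TDR_VALUE.search(ev["TargetObject"])
            if m and tdr_weakened(m.group(1), ev["Details"]):
                findings.append((ev["Computer"], "gpu-timeout-weakened", ev["TargetObject"]))
    return findings

def hosts_with_both(findings):
    """Hosts showing both signals deserve attention first."""
    kinds = {}
    for computer, kind, _ in findings:
        kinds.setdefault(computer, set()).add(kind)
    return sorted(c for c, k in kinds.items() if len(k) == 2)

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```

Legitimate software loads OpenCL routinely, so the first signal is only useful against an allowlist maintained for the environment; the timeout change is the rarer event.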

VX-Underground announced on Twitter that it will create a demonstration of a malware attack on Windows in September. The GPU will execute malware binaries from within the graphics card’s allocated memory space.

Source: WCCFTech

Anikó, our news editor and communication manager, is more interested in the business side of the gaming industry. She worked at banks, and she has a vast knowledge of business life. Still, she likes puzzle and story-oriented games, like Sherlock Holmes: Crimes & Punishments, which is her favourite title. She also played The Sims 3, but after accidentally killing a whole sim family, swore not to play it again.
