Malware concealing tool in GPUs being sold

BleepingComputer reports that early last month cybercriminals were marketing a proof-of-concept technique that could enable malicious code in GPUs to evade security tools that scan system RAM, and that the PoC was sold last week.

The technique, which leverages the GPU memory buffer for malicious code storage and execution, only works on Windows systems supporting OpenCL framework versions 2.0 and above, according to the advertiser, who tested the code on AMD, Intel and Nvidia graphics cards.

The new malware code enables the GPU to execute the binary within its memory space, according to researchers at the VX-Underground threat repository, who added that the technique will be demonstrated soon.

Meanwhile, another hacker forum member likened the GPU-based malware to the six-year-old JellyFish PoC for a Linux-based GPU rootkit.

Researchers previously discovered that malware developers could significantly accelerate the inclusion of complex encryption schemes in malware code using GPU computational power rather than the CPU.
