Technology Stocks : Off Topic (Every Day Technology)

From: TimF, 9/2/2021 11:20:54 PM
Malware Finds a New Place to Hide: Graphics Cards
A proof-of-concept technique for executing malicious code on a GPU is out in the wild.
By Matthew Humphries
September 1, 2021

The biggest problem with graphics cards over the past 18 months has been actually finding one to buy, but it turns out they could soon pose a serious malware threat to your PC.
As Bleeping Computer reports, a proof-of-concept (PoC) technique for both storing and executing malware on a graphics card has recently been sold on a hacker forum. In the forum listing, the seller explains how this technique avoids the RAM scanning performed by antivirus software, keeping the malicious code safe from detection. The malware runs using the GPU and the code is stored in VRAM.

For now, the technique is confirmed to only work on Windows machines, but it's compatible with a wide selection of GPUs and graphics cards. The seller tested the technique on Intel's UHD 620 and 630 GPUs, AMD's Radeon RX 5700, and Nvidia's GeForce GT 740 and GTX 1650, so it's presumed the same technique will work on other AMD and Nvidia cards/GPUs. Research team vx-underground also confirmed the malware can be executed on a GPU rather than a CPU.

The concept of GPU-based malware isn't new; a JellyFish GPU rootkit proof-of-concept was published in 2015. A GPU keylogger and trojan were also publicly shared by the JellyFish researchers, so the threat is a known one. However, the seller of this new PoC claims there is no association with JellyFish and that this is a new method of infiltration.

It's not known who purchased this latest PoC malware, but vx-underground plans to demonstrate the technique used "soon." Security researchers and vendors will no doubt be very keen to see it in action before quickly working on mitigation solutions to add to their consumer and business products. As ever with new security attack vectors, it's always a case of when rather than if they will be used.

pcmag.com