Fresh Linux Rootkit Now Leverages Machines of Windows Also

COMPUTERWORLD reported on 11th May, 2015 stating that a team of unknown developers who of late developed a Linux rootkit running on graphics cards have released a fresh proof-of-concept malware with same effect on Windows in addition to working of a Macintosh OS X implementation.

The creators are trying to proclaim that malware can taint GPUs and the security industry is unknown of it. Their purpose is not to alert malicious criminals but the release of unfinished and buggy designed source code could be potentially built upon and employed for criminal purposes.

Net-security.org published a report on 11th May, 2015 quoting Team Jellyfish as saying "We are still rotating around ideas and virtual code upon what we think is cool and so we apologize to anyone dissatisfied because of existence of buggy still-in-beta application. Our aim was to inform everyone about the existence of gpu based malware and obviously we succeeded from telling what has been publicized."

The creators are aiming to highlight the problem which does not exist in the operating system like Linux or Windows nor with the GPU (graphics processor unit) sellers but the problem is with current security tools that are not designed to scrutinize the random access memory (RAM) employed by GPUs for malware code.

According to developers, the new Windows malware which is planned for demonstration is known as WIN_JELLY and acts as a Remote Access Tool or Trojan (RAT).

Experts say that besides the malware tapping GPUs to mint Bitcoin and other crypto currencies, they are not aware of active circulation of malicious software in the wild which makes use of graphics processors of infected computers. However, most or all those titles run mainly on CPU and discharge only the computationally intensive workloads to the GPU.

In March 2014, researchers of Kaspersky Lab recognized highly refined malware in the wild which infected firmware running 12 different models of hard drives. The creator of the malware is a group which had flown under the radar for 14 years.

Experts commented that although the code running on the GPU is almost undetectable today, it would not be surprising to realize that state governments had already exploited these weaknesses for detection.

» SPAMfighter News - 5/21/2015