Intel Security - GPU Malware can be Made Harmless with Relative Ease

Softpedia.com reported on 1st September, 2015 quoting the company's researcher in the latest Threat Report of Intel Security as claiming "GPU malware can be rendered safe with relative ease."

GPU-based malware was analyzed because of a string of proof-of-concept (POC) projects which were earlier released on GitHub in May.

A group of developers created these projects which were known as Jellyfish and these include a rootkit and a keylogger for Linux machines and a RAT (remote access tool) for Microsoft Windows.

The developers of these tools claim that their tools were created to increase awareness for GPU-running malware and its potentialities along with the fact that several security products do not have the skill to scan and detect them.

Researchers of Intel have had their chance to examine the JellyFish PoCs (proof-of-concepts) and they assert that GPU malware can be effortlessly detected if scanning tools know about what to search for.

Securityweek.com published a report on 1st September, 2015 quoting a report of Intel Security as "GPU threats are a real worry but this kind of attack has not been perfect. On one hand, reverse engineering and forensic investigation of such threats is much more complicated and challenging than their pure CPU equivalents which may end in an infectivity going undetected for a longer period. The detection surface is reduced by stirring part of malicious code off the CPU and host memory which makes it harder for host-based defenses to identify attacks. On the other hand, the detection surface has not been wholly removed. Trace elements of malevolent activity remain at minimum level which allows endpoint security products to spot and correct the threat."

Computerweekly.com published news on 1st September, 2015 quoting Vincent Weafer, Senior Vice-President of McAfee Labs of Intel Security, as saying "We were impressed by the degree of acceleration of evolution of threats due to three main factors such as expanding attack surfaces, industrialization of hacking and the complexity and fragmentation of the IT security market. The cyber security community should continue to improve threat intelligence-sharing, recruit more security professionals and accelerate innovation in security intelligence to keep pace with such momentum of cyber attacks. The cyber security community should also continue to engage governments so that they can fulfill their role to safeguard citizens in cyber space."

» SPAMfighter News - 9/9/2015