HTML Image
Forum: 1 Lucky Nerd

  1. Forum
  2. FidoNet
  3. CONSPRCY

  • CPU microcode hack could

    From Mike Powell@1:2320/105 to All on Tuesday, May 13, 2025 11:18:00
    [Forget ransomware. Think of what this could do to machines running AI.]

    CPU microcode hack could infect processors with ransomware directly

    Date:
    Mon, 12 May 2025 16:00:00 +0000

    Description:
    A researcher created a working PoC for a ransomware strain that bypasses all antivirus programs.

    FULL STORY

    A security researcher wrote ransomware code that infects the computers CPU, making it invisible to virtually every antivirus program out there, and
    making it persistent even when the victim takes out and replaces the
    computers hard drive.

    This is according to The Register, who recently spoke with Christiaan Beek, a cybersecurity researcher from Rapid7, who claims to have created a Proof-of-Concept (PoC) for such ransomware.

    Malware at the CPU level is not exactly arcane science. Weve seen it in the past, with the likes of JoLax, CosmicStrand, and other UEFI firmware
    rootkits. However, this is the first time someones successfully played with ransomware this way.

    CPU PoC

    Beek said that he got the inspiration from a bug in AMD Zen processors that allowed threat actors to load malicious microcode and break the encryption at the hardware level. This would have allowed them to modify the behavior of
    the CPU as they saw fit.

    Beek says that the leaked Conti chat logs from 2022 suggested that actual cybercriminals were discussing the same idea before, but they havent yet
    gotten to a working solution. At least, not that the cybersecurity community knows of.

    "If they worked on it a few years ago, you can bet some of them will get
    smart enough at some point and start creating this stuff," the researcher
    told the publication.

    He also said that he wont be releasing the code on the internet: "Of course,
    we won't release that, but it's fascinating, right?"

    Ransomware remains one of the biggest threats out there, with companies of
    all sizes losing billions of dollars every year. In fact, a recent Veeam
    study, which gathered insights from 1,300 CISOs, IT leaders, and security professionals across the Americas, Europe, and Australia, found that nearly three-quarters of businesses were impacted by ransomware over the past year .

    Via The Register

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cpu-microcode-hack-could-infect-process ors-with-ransomware-directly

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

I recommend using



to connect to the BBS