Computer

Beware, this malware uses the GPU and is undetectable by your antivirus

Just as most software developers include the latest security features in their projects, attackers are not far behind. By this, what we mean is that those in charge of developing malicious codes always try to search vulnerabilities and rear doors.

This malware uses GPU memory to be undetectable

Therefore, for years this has been a kind of battle between security companies and attackers, to see who is faster. In these lines we are going to tell you a new attack which at the moment is not detectable by the antivirus software you have installed.

As we discussed, below, we will talk about a new cyber attack with the memory of the graphics card as the protagonist in this case. And it is that from what has been learned now, some cybercriminals have found a new way to hide the malware in the memory of the pc graphics cards.

This method of using the memory of the graphics card instead of the memory of the system, what it does is that the malware is undetectable by the antivirus. Hence, the danger that all this has is multiplied in an ostensible way.

Graphics that can be infected by malicious code

To give us an idea, this particular malware uses the graphics memory allocation space. This is where the malicious code that infects the computer is executed. Technology uses OpenCL 2.0 API on the Windows operating system, as no other system supports this malicious code. It is worth mentioning that this malicious code has been tested in a Intel UHD 620/630, as well as the Radeon RX 5700 GPU. The cards have also been tested GeForce GTX 740M and GTX 1650. What is not clear is if on other graphics cards it would still work, but it is assumed that this method uses OpenCL 2.0 and is likely to be compatible with other modern GPUs.

Keep in mind that the use of graphics memory to execute malicious code is not something entirely new. We tell you all this because in 2015, some researchers showed a concept through a keylogger based on the GPU with remote access Trojans for Windows. With all and with this, the author of the new malware that we are talking about here now, affirms that his method is new and is not associated with those other past methods.

The technique used and what is behind the new malware is currently being studied. For now they have confirmed that the GPU runs the binaries of malware from its memory space, so we only have to wait to see how it all evolves.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *