Fake Meltdown and Spectre Patch – Beware of Malware

Mel Khamlichi
Webmaster and technical Director at Osradar.com Linux/Unix Guru Technology and hardware addicted Location : Amsterdam Netherlands

Meltdown and Spectre are, by far, the biggest security flaws ever discovered. They challenged how we perceive the security of our hardware and software. These two bugs affect almost all processors: Intel, AMD, ARM and others. Different systems are affected differently, but all of them require proper patches. Researchers and developers are working hard to provide the best software solution, because a hardware solution requires replacing the processor, a very costly process that not everyone can afford. A security patch is the best solution for now.

Hackers never fall behind current trends. They are also trying hard to use these flaws to exploit systems. As part of these attempts, they are now releasing fake update packages disguised as system patches. The package contains heinous malware that takes over your system.

Smoke Loader

Malwarebytes spotted the fake package. The firm also identified a new domain that hosts a whole bunch of information on how Meltdown and Spectre affect CPUs. Apparently, the website also contains some content from the German Federal Office for Information Security (BSI). The fake package is offered as a link to a ZIP archive. The file name was “Intel-AMD-SecurityPatch-10-1-v1.exe”.

How it works

A victim who downloads and runs the file installs the Smoke Loader malware without knowing it. The installed malware then downloads several more payloads by connecting to various domains and starts sending encrypted data to servers. The website was also sending phishing emails.

Note that Smoke Loader is capable of loading additional malware to wreak havoc on your system.

Malwarebytes, which identified the malware, has already contacted CloudFlare and Comodo about this abuse. Even if this attack is shut down, hackers are already on the verge of inventing other methods.

How to stay protected

To stay protected, always stay vigilant and aware of such spoofing. Use the best antivirus or internet security software to prevent any malware from being installed on your system. It is also recommended to take a look at the top antivirus software 2018.
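As an added example (not from the original article or from Malwarebytes), the following Python sketch triages a downloaded ZIP before anything is extracted, flagging members that would run as code, such as the "Intel-AMD-SecurityPatch-10-1-v1.exe" file named above. The extension list, the reason strings and the sample archive are assumptions constructed for illustration; the sample holds harmless stub bytes.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs directly (illustrative list, an assumption of this example).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".msi", ".dll"}


def triage_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, reason) for each archive member that needs attention."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            ext = PurePosixPath(name).suffix.lower()
            if info.flag_bits & 0x1:
                # Encrypted members cannot be inspected without the password.
                findings.append((name, "encrypted member, content not inspected"))
                continue
            with zf.open(info) as fh:
                head = fh.read(2)
            if head == b"MZ":
                # Windows PE files start with "MZ" whatever the file name claims.
                if ext in RISKY_EXT:
                    findings.append((name, "PE executable"))
                else:
                    findings.append((name, "PE executable with misleading extension"))
            elif ext in RISKY_EXT:
                findings.append((name, "executable or script extension"))
    return findings


def build_sample() -> bytes:
    """Constructed sample archive: stub bytes only, no real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Intel-AMD-SecurityPatch-10-1-v1.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("readme.txt", b"Install this patch to fix Meltdown and Spectre.")
        zf.writestr("notes.pdf", b"MZ" + b"\x00" * 62)  # PE header behind a document name
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in triage_zip(build_sample()):
        print(f"{member}: {reason}")
```

A clean result from a check like this does not make a download trustworthy; it only catches the simplest disguise, an executable delivered inside an archive.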

Because of Meltdown and Spectre, Linux is the most vulnerable to these attacks. Linux is the most used OS at the top level of the cyber world: supercomputers, servers and so on all run on it. Fortunately, there’s a tool that will take care of any Meltdown attack, allowing system admins to avoid installing the buggy Meltdown patch that slowed down the system. Learn more about the tool.
