Meltdown and Spectre Malware Samples Emerged

0
1145
Virus attack concept. Control panel with red light and warning. Conceptual image symbol of computer infection.

Security has always been one of the major concerns of the cyber world. There are numerous greedy hackers trying to penetrate different systems to steal data and sensitive information like passwords, credit card pins etc. Moreover, system flaws and other issues increase the chance of unauthorized accesses. In today’s cyber world, a security software is a must-have solution for everyone – personal to enterprise field. How good is your security software? AV-Test recently disclosed several malware samples that use Meltdown and Spectre.

At first, let’s talk about antivirus and internet security. Many users get confused with these terms. An antivirus is a security program that will keep you safe from being infected by any virus program. In the case of internet security, it protects you from virus and other malicious contents and actions from the web. Internet security, besides an antivirus, contains a firewall, phishing detection, identifying keyloggers and better protection against Trojans and worms.

The Meltdown and Spectre

Recently, the discovery of Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715) simply devastated the viewpoint of security of everyone. These flaws being present in both hardware and software are very scary and dangerous ones. These flaws affect almost every single device in the world. When executing perfectly designed malware, not even the security solutions can defend against that. However, the world is now starting to recover the damage through security patches and software upgrades. Permanent recovery will complete only when all the affected hardware is replaced.

Now, we have the malware samples that use the Meltdown and Spectre vulnerabilities. The famous security testing firm AV-Test reported on February 1, 2018, that they have collected 139 malware samples related to Meltdown & Spectre. However, the total volume of such malware is a lot higher what other security vendors see.

Security vendors

At McAfee, the vendor is watching more Meltdown and Spectre related malware samples than AV-Test. According to Raj Samani, Chief Scientist at McAfee told that the number of samples exceeds 400, and Spectre is the more dominant target than Meltdown. Samani also added that the samples are predominantly targeting the United States and Western Europe.

Michal Salat, Threat Intelligence Director at Avast, said that the samples of AV-Test are quite a few compared to the number of files that Avast scans every day – thousands of malicious files per day. However, he added that the AV-Test samples seem to be variations of the proof of the concept code.

Fortunately, such malware isn’t widespread & massive attack campaign. The security vendors have ensured that their programs have active detection capabilities in place. Additionally, you can take several steps to ensure tighter protection, like updating your OS & all other software, installing the latest patches and security updates etc.

Looking for the best antivirus for yourself? Check out our list of best antivirus 2018.

LEAVE A REPLY

Please enter your comment!
Please enter your name here