Your computer’s graphics card is a wonderful tool for gaming and artistic work, but it may GPUs as Trojan horse for malware. Cybercriminals are developing methods to insert malicious malware into your system by exploiting graphics cards and their VRAM. The method is said to have worked during a proof-of-concept attack on AMD, Intel, and Nvidia discrete and integrated GPUs.
Because antivirus software cannot currently examine the graphics card’s internal video RAM or VRAM. Hackers are now targeting GPUs to do their evil work. Conventional methods, on the other hand, that target the system’s main memory would activate the antivirus program.
A brief description of the assault was posted on a hacker site, where one vendor was offering to sell his proof-of-concept strategy for attacking GPU VRAM, according to Bleeping Computer. The method worked with Intel’s integrated UHD 620 and 630 GPUs. It can also work with discrete choices like the AMD Radeon RX 5700 and Nvidia GeForce GTX 1650, according to the manufacturer. It’s unknown whether the attack will work on other GPUs, such as AMD’s newest Radeon RX 6000 series and Nvidia’s GeForce RTX 3000 series, both of which have had high demand and limited supply.
Proof of concept-GPUs:
On August 8, a listing to sell the proof of concept was published. On August 25, a listing to sell the exploitation technique was published. Albeit no details about the transactions were revealed. Who bought the hack and how much it cost is unknown.
The details about the exploit sold to other hackers are unknown. Cyber security researchers at VX-Underground claim that the method allowed the code to run on the GPU and in the VRAM rather than the CPU. According to the researchers, they will demonstrate the exploit method in the near future.
While cyber-attacks on the GPU aren’t as common as they once were, the technique isn’t entirely new. This latest exploit follows JellyFish, a six-year-old proof-of-concept.
Researchers used a GPU-based key logger in the JellyFish proof of concept to take advantage of the graphics card. According to Bleeping Computer, the seller of this latest GPU-based hack denied that his method is similar to JellyFish.
There is the possibility that your GPU could be used by a malicious actor to hide and execute malware in the future. PC owners, gamers, and creators should be wary of suspicious emails, links, files, and downloads. This is particularly important because malware that resides in VRAM can go undetected by antivirus software.