Meltdown and Spectre are, by far, the biggest security flaws ever discovered. They challenged how we think about the security of our hardware and software. These two bugs affect almost all processors: Intel, AMD, ARM and others. Different systems are affected differently, but all of them require proper patches. Researchers and developers are working hard to provide the best software solution, because a hardware solution requires replacing the processor, a very costly process that not everyone can pursue. A security patch is the best solution for now.
Hackers never fall behind current trends. They are also trying hard to use these flaws to exploit systems. As part of these attempts, they are now releasing fake update packages in the name of system patches. Such a package contains malware that takes over your system.
Smoke Loader
Malwarebytes spotted the fake package. The firm has also identified a new domain that hosts a lot of information on how Meltdown and Spectre affect CPUs. Apparently, the website also contains some content from the German Federal Office for Information Security (BSI). The fake package is offered as a link to a ZIP archive. The file name was “Intel-AMD-SecurityPatch-10-1-v1.exe”.
How it works
A victim who downloads and runs the file installs the Smoke Loader malware without knowing it. The installed malware then downloads several more payloads by connecting to various domains and starts sending encrypted data to servers. The website was also sending fake phishing emails. Here’s a screenshot of the website.
Here is the file that contains the malware. Note that Smoke Loader is capable of loading additional malware to wreak havoc on your system.
Malwarebytes, which identified the malware, has already contacted Cloudflare and Comodo about this abuse. Even if this attack subsides, hackers are already on the verge of inventing other methods.
How to stay protected
To stay protected, you always need to stay vigilant and aware of such spoofing. Use the best antivirus or internet security software to prevent any malware from being installed on your system. It is also recommended to take a look at the top antivirus software of 2018.
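Part of that vigilance can be automated where downloads or mail attachments are inspected. The following is an added example, not code from the original article or from Malwarebytes: it opens a ZIP archive, finds members that are Windows executables by their `MZ` magic bytes rather than by extension, and marks names that pose as a CPU vendor security patch. The keyword lists, the function names `triage_zip` and `build_sample`, and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Assumption: keyword lists are illustrative, modelled on the lure name in this article.
VENDOR = re.compile(r"intel|amd|arm|microsoft|windows", re.I)
PATCH = re.compile(r"security[-_ ]?patch|update|hotfix|meltdown|spectre", re.I)
EXEC_EXT = (".exe", ".dll", ".scr", ".com")


def triage_zip(data):
    """Return one finding per archive member that is a Windows executable
    (DOS 'MZ' magic) or that cannot be inspected because it is encrypted."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            lure = bool(VENDOR.search(name) and PATCH.search(name))
            if info.flag_bits & 0x1:  # encrypted member: content is opaque
                findings.append({"name": name, "reason": "encrypted", "patch_lure": lure})
                continue
            with zf.open(info) as member:
                magic = member.read(2)
            if magic == b"MZ":
                findings.append({
                    "name": name,
                    "reason": "executable",
                    "patch_lure": lure,
                    # an executable hiding behind a document-style extension
                    "ext_mismatch": not name.lower().endswith(EXEC_EXT),
                })
    return findings


def build_sample():
    """Constructed sample archive: harmless stub bytes, no real malware."""
    stub = b"MZ" + b"\x00" * 62
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Intel-AMD-SecurityPatch-10-1-v1.exe", stub)
        zf.writestr("readme.txt", b"Installation notes")
        zf.writestr("invoice.pdf", stub)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample()):
        print(finding)
```

A finding with `patch_lure` set is a candidate for quarantine and manual review, since genuine CPU and operating system patches arrive through the vendor's own update channel rather than as an executable inside a ZIP download.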
Because of Meltdown and Spectre, Linux is the most vulnerable to these attacks. Linux is the most used OS at the top level of the cyber world: supercomputers, servers and the like all run on it. Fortunately, there’s a tool that takes care of any Meltdown attack, so system admins do not have to install the buggy Meltdown patch that slowed systems down. Learn more about the tool.