Chip vulnerabilities Meltdown and Spectre have been called the most significant cyber flaws of the last two decades, and patching is vital. However, Malwarebytes has said that it's important to be careful about where those patches come from, after discovering fake downloads on a German website.
Both Meltdown and Spectre, which together affect hardware from all major vendors, exploit the way chips use speculative execution, allowing attackers to steal sensitive data from vulnerable systems. These can be physical computers or virtual machines in the cloud.
Malwarebytes has found one particular patch, ostensibly aimed at German users, that appears to be jumping on the Meltdown/Spectre panic; it is actually malware known as Smoke Loader.
A newly-registered domain, using iconography that suggests it is an official page from the German Federal Office for Information Security, shows an information page with links to external resources about the two vulnerabilities. However, it is really a phishing site, with a link to a ZIP archive that contains the malware (posing as ‘Intel-AMD-SecurityPatch-10-1-v1.exe’).
Smoke Loader was first found several years ago, with an early version appearing on the dark web in 2011. It got its name from the virtual smokescreen that it creates to hide itself once installed.
After a system is infected, the malware will attempt to connect to various domains and download additional payloads.
Malwarebytes alerted CloudFlare and Comodo to the website, which used an HTTPS security certificate, and had it removed. Remember that HTTPS only verifies that data sent between the site and a computer is encrypted, not that the site is safe.