Chip vulnerabilities Meltdown and Spectre have been called the most significant cyber flaws of the last two decades, and patching is vital. However, Malwarebytes has said that it's important to be careful about where those patches come from, after discovering fake downloads on a German website.
Both Meltdown and Spectre, which together affect hardware from all major vendors, exploit the way chips use speculative execution, allowing sensitive data to be stolen from vulnerable systems. These can be physical computers or virtual machines in the cloud.
Malwarebytes has found one particular patch, ostensibly aimed at German users, that appears to be jumping on the Meltdown/Spectre panic; it is actually malware known as Smoke Loader.
A newly-registered domain, using iconography that suggests it is an official page from the German Federal Office for Information Security, shows an information page with links to external resources about the two vulnerabilities. However, it is really a phishing site, with a link to a ZIP archive that contains the malware (posing as 'Intel-AMD-SecurityPatch-10-1-v1.exe').
Smoke Loader was first found several years ago, with an early version appearing on the dark web in 2011. It got its name from the virtual smokescreen that it creates to hide itself once installed.
After a system is infected, the malware will attempt to connect to various domains and download additional payloads.
Malwarebytes alerted CloudFlare and Comodo to the website - which used an HTTPS security certificate - and had it removed. Remember that HTTPS only verifies that data sent between the site and a computer is encrypted, not that the site is safe.