Hackers Will Bypass Antivirus Software Using GPUs
Hackers may have found another way to bypass anti-virus software. Recent reports suggest that this time they will use graphics cards to do it.
Whatever you say about hackers, there's one thing you can not deny them - ingenuity. We've already had attacks using Steam, game content, vulnerabilities in CPUs, and even mice and printers. In this context, it's no surprise that GPUs are the next target. BleepingComputer reported the sale of an undetectable tool that enables hacking into a computer via the GPU's memory.
The messages on the hacker forum spotted by BleepingComputer did not contain any details about how the program worked - just an offer and confirmation of sale and a brief description. Nevertheless, it was reported that the vulnerability it exploits requires a Windows PC with support of OpenCL 2.0 or later, and it has been tested on GeForce GTX 1650, Radeon RX 5700, and Intel UHD 620 and 630 integrated chips.
The idea behind the tool is simple: it enables the hacker to place malware on the GPU's VRAM. This is troublesome in that all antivirus applications are limited to scanning RAM, so they are unable to detect threats present in the graphics card.
The idea is not entirely new. Already in 2015, there were reports about JellyFish - software that works on a similar principle (via MacIssues). Admittedly, back then it was just a test and proof of concept, but a report from BleepingComputer suggests that this time we can expect to see the solution used in practice. For now, the vx-underground group (which gathers information on malware) announced an imminent presentation of the technique.