Published in Graphics

GPU could be the next hacker target

by on13 May 2015

Rootkits for everyone

A team of anonymous developers who created a Linux rootkit that runs on GPUs has come up with a proof-of-concept malware does the same on Windows and say a Mac OS X is nearly ready.

According to IT World the team wants to raise awareness that malware can infect GPUs and that the security industry is not ready for it.

They say that the security hole is not with the operating systems, or even the GPU makers but existing security tools, which aren't designed to scan the random access memory (RAM) used by GPUs.

The new Windows malware, which is intended as a demonstration, is called WIN_JELLY and acts as a Remote Access Tool or Trojan (RAT)
A RATs can give give attackers extensive control over compromised computers and have been used in many targeted attacks.

Last week, a team of developers whose identities are not known published a proof-of-concept Linux keylogger called Demon. At the same time they released a rootkit for Linux systems dubbed Jellyfish that runs on GPUs.

The rootkit required AMD or Nvidia dedicated graphics cards and the OpenCL drivers. The Open Computing Language (OpenCL) is a framework for executing code on GPUs and other types of processors.

This requirement might limit the spread of such malware in the short term, discouraging its adoption by criminals, because many users don't have Nvidia CUDA installed on their computers. However, as more legitimate applications begin using GPUs for sophisticated mathematical calculations, the CUDA user base is likely to grow.

The team is also working on a tool called JellyScan that will allow system administrators and security researchers to detect GPU-based malware.

Rate this item
(4 votes)

Read more about: