Weaponized malware is now publicly available
A working exploit that is capable of doing actual damage has been made available online.
This fully weaponized exploit takes advantage of the Spectre CPU vulnerability.
The Spectre issue is a CPU bug caused by a hardware design flaw in the architectures of Intel, AMD, and ARM processors.
This flaw allows code running inside malicious apps to break the isolation between different applications at the CPU level.
Those malicious apps can then steal sensitive data from other apps that are running on the same system.
While previous exploits for Spectre have been made available online, they were classified as harmless variations on the public PoC code that was published by Spectre researchers.
This newest exploit, discovered by French security researcher Julien Voisin, is different in that it can cause actual damage by dumping the contents of /etc/shadow.
This particular file stores details on OS user accounts.
Copies of this Spectre exploit have been making the rounds in Discord and Telegram channels, and it’s only a matter of time before threat actors begin to act on this information with malicious intent.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks: (855) 749-6648.