The Inquirer-Home

Malware based on CPU profiles is coming

Deeper than the operating system
Thu Nov 11 2010, 13:53

AVOIDING Microsoft's Windows OS is a good way to avoid malware attacks, but that might not be the case much longer, with attackers turning their attention from software to CPU chips.

Traditionally malware targets vulnerabilities in the operating system, meaning users either have to put up with frequent patches and having to run and maintain anti-virus software or use alternatives to Microsoft's Windows. Now researchers from Ecole Superiore d'Informatique, Electronique, Automatique have demonstrated how to make malware target a particular processor, ignoring the operating system altogether.

Whether the attack is discriminating the operating system or the hardware, the fundamental technique is the same - find a flaw in the system and exploit it. And processors architectures can be identified by figuring out how the chip handles arithmetic calculations and the way it encodes numbers.

However this technique isn't quite as fine-grained yet as malware attackers might want. The researchers admit that their identification techniques cannot pin-point particular processors, however they say that such an attack could "enable far more precise and targeted attacks, at a finer level in a large network of heterogeneous machines but with generic malware".

More complex tests will have to be conducted in order to bore down to specific processor models, however even being able to target a family of processors should concern those who are forced to use machines based on particular architectures.

Being able to target specific hardware is particularly dangerous as certain industries specify hardware configurations that have passed relevant testing. While operating systems can be patched with relative ease, replacing hardware is something that is altogether more time consuming and costly. µ

 

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?