Hackers found a new way to store viruses in GPU memory

Published: 1st Sep 2021, 07:18 GMT   Comments

Malicious code hidden in VRAM, undetectable by antiviruses

A new cyberhack featuring graphics card memory.

According to Bleeping Computer, cybercriminals have found a new way to hide malware in graphics cards memory. This method of utilizing graphics card memory instead of system memory is undetectable by the antivirus software, the original advertisement on hacking forums claims.

The malware uses graphics memory allocation space, from where the code is executed. The technology uses OpenCL 2.0 API on Windows operating system, no other systems are affected by the malicious code.

The hacker confirmed that the code has been tested on Intel UHD 620/630 graphics as well as Radeon RX 5700 GPU and GeForce GTX 740M and GTX 1650 discrete cards. It is unclear if other graphics cards are affected, but assuming that this method uses OpenCL 2.0, it is very likely to be compatible with other modern GPUs.

Malware hidden in GPU memory advertisement, Source: Bleeping Computer

Using graphic memory to execute malicious code is not an entirely new topic. Back in 2015 researchers have demonstrated a proof of concept for a GPU-based keylogger and remote access trojans for Windows. The author of the new malware claims that his method is new and not associated with those methods.

Researchers from vx-underground will demonstrate the technique behind the new malware soon. They confirmed that the GPU executes malware binaries from within the GPU memory space.

Source: Bleeping Computer via Tom’s Hardware




Comment Policy
  • Comments must be written in English.
  • Comments deemed to be spam or solely promotional in nature will be deleted. Including a link to relevant content is permitted, but comments should be relevant to the post topic.
  • Comments and usernames containing language or concepts that could be deemed offensive will be deleted. Note this may include abusive, threatening, pornographic, offensive, misleading, or libelous language.
  • Comments complaining about the article subject or its source will be removed.
  • A failure to comply with these rules will result in a warning and, in extreme cases, a ban.
  • Please note that comments that attack or harass an individual directly will be deleted and such comments will result in a ban.
  • VideoCardz Moderating Team reserves the right to edit or delete any comments submitted to the site without notice.
  • If you would like to appeal for a comment section ban to be removed, please use this page.
  • If you have any questions about the commenting policy, please let us know through the Contact Page.
  • NEW: Due to the recent increased amount of spam all links will require moderator approval. 
Hide Comment Policy
Comments