New GPU-based Linux Rootkit and Keylogger with Excellent Stealth and Computing Power by Swati Khandelwal.
From the post:
The world of hacking has become more organized and reliable over recent years, and so have the techniques of hackers.
Nowadays, attackers use highly sophisticated tactics and often go to extraordinary lengths in order to mount an attack.
And there is something new to the list:
A team of developers has created not one, but two pieces of malware that run on an infected computer’s graphics processor unit (GPU) instead of its central processor unit (CPU), in order to enhance their stealthiness and computational efficiency.
The two pieces of malware:
- Jellyfish Rootkit for Linux operating system
- Demon Keylogger
The source code of both the Jellyfish Rootkit and the Demon keylogger, which are described as proof-of-concept malware, has been published on GitHub.
Until now, security researchers have discovered nasty malware running on the CPU and exploiting the GPU capabilities in an attempt to mine cryptocurrencies such as Bitcoins.
However, these two pieces of malware could operate without exploiting or modifying the processes in the operating system kernel, and this is why they do not trigger any suspicion that a system is infected and remain hidden.
…
As Swati says, proof-of-concept, but the distance between proof-of-concept and in the wild isn’t predictable.
After an overview of the rootkit and keylogger, Swati asks:
However, if exploited in future, what could be the area of attack vectors? Hit the comments below.
No comments as of 12:28 EST on Saturday, 9 May 2015.
One resource that may spur comments on your part:
Vulnerability analysis of GPU computing by Michael James Patterson.
Comments for Swati?