Malware, Malware Everywhere

The latest wrinkle in the malware scene is the revelation that malware can "hide" in your GPU (Graphics Processing Unit - or "video card" to us oldsters). It can also be present in the memory on other hardware, such as network cards. Antivirus software typically does not scan these memory areas, so that's kind of an ugly scenario.
Patrick Stewin has demonstrated a a detector which can be built to find sophisticated malware that runs on dedicated devices and attacks direct memory access (DMA).
This will mean that it will finally tell us how effective crackers have been at getting malware into graphics and network cards.

The code has managed to find attacks launched by the malware, dubbed DAGGER, which targeted host runtime memory using DMA provided to hardware devices.

DAGGER attacked 32bit and 64bit Windows and Linux systems and could bypass memory address randomisation. It has now been developed to a point where the host cannot detect its presence, Stewin said.
 TechEye



Comments