Malware Running On Graphics Cards
An anonymous reader writes "Given the great potential of general-purpose computing on graphics processors, it is only natural to expect that malware authors will attempt to tap the powerful features of modern GPUs to their benefit. In this paper, the authors demonstrate the feasibility of implementing a malware that can utilize the GPU (PDF) to evade virus scanning applications. Moreover, the authors discuss the potential of more sophisticated attacks, like accessing the screen pixels periodically to harvest private data displayed on the user screen, or to trick the user by displaying false, benign-looking information when visiting rogue web sites (e.g., overwriting suspicious URLs with benign-looking ones in the browser's address bar)."
I don't want to blow the horn or wave the flag unless I know it's true. But given the various access levels and things that Linux uses in X.org and all that, I wonder if those same issues are more or less likely in a Linux + X situation?
To my understanding, there is no direct reading or writing to the screen. There is screen capture functionality, but I don't know how it works or if it is simply a standard feature of the X window system (and either way, is THAT a vulnerability to be wary of?).
In Windows land, with so many programs requiring "Administrator" level access (yes, I know, that situation is not nearly as bad as it once was, but still), this sort of malware attack vector seems as natural as any others. But does Windows security even consider this sort of breach? I imagine some aspects of device drivers are protected, but does it require privilege escalation to execute one of these attacks? I do recall that recently I was trying to use a PDF password cracker that enabled advanced CPU *and* GPU instructions to perform the processor work of trying to brute force attack a PDF open. I was not running as Administrator at the time, but I don't recall that my user account has administrative privileges by default. (I don't believe it does, though.)