Fake Meltdown & Spectre Websites Target Users With Fake Patches

In a hardly surprising development, cyber criminals are looking to take advantage of the publicity surrounding the Meltdown and Spectre chip vulnerabilities by ensnaring users with phishing scams.

Researchers at cybersecurity firm Malwarebytes have discovered one such attempt targeting German users with fake guidance and patches through an official-looking website.

“While it appears to come from the German Federal Office for Information Security (BSI), this SSL-enabled phishing site is not affiliated with any legitimate or official government entity,” said researcher Jerome Segura.

Meltdown and Spectre scam

On the site is a link to a ZIP file purporting to be a patch for systems powered by Intel and AMD chips. It is actually the Smoke Loader malware, which, once installed, loads other payloads. Malwarebytes observed the software attempting to connect to various domains and send encrypted information.

The firm’s analysis also found that the abused SSL certificate associated with the ‘.bid’ domain was linked to a German template for a fake Adobe Flash update.

“We immediately contacted Comodo and CloudFlare to report on this abuse and within minutes the site did not resolve anymore thanks to CloudFlare’s quick response,” added Segura. “Malwarebytes users were already protected at zero-hour against this malware.”

“Online criminals are notorious for taking advantage of publicized events and rapidly exploiting them, typically via phishing campaigns. This particular one is interesting because people were told to apply a patch, which is exactly what the crooks are offering under disguise.

“Also, remember that sites using HTTPS aren’t necessarily trustworthy. The presence of a certificate simply implies that the data that transits between your computer and the site is secure, but that has nothing to do with the intentions or content offered, which could be a total scam.”


Meltdown and Spectre affect just about every single processor made over the past 20 years, causing emergency fixes and mitigations to be released for Windows, Mac, iOS and Android. Chips made by ARM manufacturers and AMD are also impacted.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Chip manufacturers, cloud providers and operating system developers have rushed to mitigate and fix the flaws. The patches can cause a slowdown in performance on some systems, and it has been suggested that they are causing more problems than the threats they are supposed to fix.


Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.
