Sada je: 18 tra 2024, 05:18.
Prikaz ispisa
Početna
Linux vijesti
Novosti iz Linux svijeta. Komentiranje vijesti s portala.

Moderator/ica: Moderatori/ce

Odgovori
Rootkit Jellyfish
Rootkit Jellyfish
12 svi 2015, 12:33
Citiraj (i odgovori)
Malware se sakriva u GPU

Rootkit koji skriva u GPU računala i može pročitati u tajnosti sve što pišete.

Jellyfish is a Linux based userland gpu rootkit proof of concept project utilizing the LD_PRELOAD technique from Jynx (CPU), as well as the OpenCL API developed by Khronos group (GPU). Code currently supports AMD and NVIDIA graphics cards. However, the AMDAPPSDK does support Intel as well.

Advantages of gpu stored memory:

-No gpu malware analysis tools available on web
-Can snoop on cpu host memory via DMA
-Gpu can be used for fast/swift mathematical calculations like xor'ing or parsing
-Stubs
-Malicious memory may be retained across warm reboots. (Did more conductive research on the theory of malicious memory still being in gpu after shutdown)


https://github.com/x0r1/jellyfish



Nadam se da je OK

LP b4sh
"The quieter you become, the more you are able to hear...."
Avatar
b4sh
Postovi: 440
Postovi: 440
Pridružen/a: 04 tra 2012, 21:31
Podijelio/la zahvalu: 11 puta
Primio/la zahvalu: 39 puta
Spol: M
OS: Debian
Vrh
Odgovori
Na mreži
Trenutno korisnika/ca: / i 13 gostiju.
Switch to mobile style
Napredna pretraga
Neodgovoreni postovi
Aktivne teme
Početna
Tim
Izbriši sve kolačiće