So They Put Ransomware on CPUs Now

Ransomware is a particularly vile type of malware that holds a device hostage by disabling it until the owner pays a ransom. Ransomware has been a sad reality of the computer world for decades now, but now that it’s been proven to be able to go straight to the heart of a computer—the CPU—it shines a light on a particularly threatening evolution of ransomware.

“Ransomware at the CPU level, microcode alteration, and if you are in the CPU or the firmware, you will bypass every freaking traditional technology we have out there,” the code’s creator told The Register, which reported the story.

Before you begin an anxiety spiral, Beek—the creator of the ransomware—isn’t going to release it. He’s a researcher who created a proof-of-concept to prove that it could be done, not one of the bad guys.

proof-of-concept only

White hats, or those who use hacking skills for good, often use proof-of-concepts to study threats in order to find ways to counteract or protect against them, or to alert companies to vulnerabilities in their software before a bad actor—a black hat—does.

Rapid7’s senior director of threat analytics, Christiaan Beek, “got the idea from a bad bug in AMD Zen chips that, if exploited by highly skilled attackers, would allow those intruders to load unapproved microcode into the processors, breaking encryption at the hardware level and modifying CPU behavior at will,” said The Register.

“Malware at the CPU level is not exactly arcane science,” opines TechRadar. “We’ve seen it in the past, with the likes of JoLax, CosmicStrand, and other UEFI firmware rootkits. However, this is the first time someone’s successfully played with ransomware this way.”

By infecting the CPU directly, it makes it harder to detect and dislodge. Common antivirus software would most likely fail to detect it, and even if you somehow figured it out, your options for treating the computer would be limited, since you’d have to replace the CPU if you couldn’t clear the ransomware from it.

“It’s not an entirely theoretical risk, though honestly very slim right now. There are some indications that criminals are moving toward this end goal…” says The Register. Luckily for us, Beek got there first. As far as we know.