HomeWinBuzzer NewsMeltdown and Spectre Now Being Successfully Exploited by Malware

Meltdown and Spectre Now Being Successfully Exploited by Malware

Hackers have already started to successfully take advantage of the Meltdown and Spectre vulnerability, with over 100 samples found so far.


, the kernel-level bug affecting most and some AMD CPUs, has been public since earlier this month. Companies have since been scrambling to shore up their platforms against the flaw. It should probably be no surprise to read cyber-attackers have also been at work, albeit more nefariously.

German antivirus testing firm AV-Test says are already working on malware to exploit Meltdown and Spectre. The company has identified 139 samples of malware that are early attempts to attack the vulnerability.

“So far, the AV-Test Institute discovered 139 samples that appear to be related to recently reported CPU vulnerabilities. CVE-2017-5715, CVE-2017-5753, CVE-2017-5754,” the company wrote.

In response, AV-Test posted SHA-256 hashes of samples on 's VirusTotal that shows on some . Sample numbers have steadily increased since the first was seen on January 7. Over 100 samples were in place by the 21st of the month and yesterday the number had increased to 139.

AV-Test CEO Andreas Marx spoke to ZDNet and said all the malware successfully exploited Meltdown and Spectre.

“Due to the extremely high number of affected computers/systems and the complexity to ‘fix' the Spectre-Meltdown vulnerabilities, I'm sure that the malware writers are just looking for the best ways to extract information from computers and especially browsers,” he said.


Intel and various tech giants like and knew about the flaw since June 2017. However, they kept it secret to work on patches to fix the vulnerability. If users have downloaded those patches, their machine should be safe. However, Intel's own patch had problems and users are advised not to download it.

That means many machines are still vulnerable. Marx suggests things users can do to protect themselves:

“If you don't need your PC for more than an hour, switch it off. If you go for lunch or a break, close your browser. This should decrease your attack surface a lot and also save quite some energy,” said Marx.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News