Q
Manage Learn to apply best practices and optimize your operations.

What's the best way to mitigate the risk of GPU malware?

GPU malware is different from CPU malware and can't be detected and quarantined with the usual techniques. Here's how to combat this type of malware infection.

I heard about a new type of malware that can infect a computer's GPU rather than its CPU, and that this malware...

cannot be detected and quarantined by traditional means. What is the best way, then, to find the GPU malware and mitigate this risk?

Anywhere there is firmware that can be updated, there is the possibility for implanting malware. Most antimalware tools do not check the firmware for all of the devices on a system to determine if it has been compromised. It may not even be possible to analyze the firmware on an endpoint to determine if it has been compromised.

Graham Cluley blogs about new proof-of-concept malware, from Team Jellyfish, that hides in the GPU. Currently this GPU malware only works on Linux, but it could be applied to Windows and OSX in the future. Analyzing the endpoint directly won't necessarily detect the GPU malware, but if it uses the network connection of the compromised host, this network traffic could be detected. If network traffic is detected without an identified running process, that could be an indicator of malware buried deep inside the endpoint. The initial code executed to load the malware in the GPU could be detected, as could any files stored on the file system that were used in the attack.

For enterprises with high security requirements, mitigating the risk of GPU malware might require the removal of any internal device with firmware, but most likely fully replacing the hardware will be most effective since multiple internal components could have been infected. The firmware on the device could be updated with known, good firmware to clean the malware.

Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

Next Steps

Learn about the malware lifecycle and when to analyze threats.

Find out if Trojans that capture passwords can be mitigated.

Learn how to stop malware that uses bulletproof hosting sites.

This was last published in December 2015

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Does your organization's security program monitor for GPU threats?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close