You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
For years, there was no attempt to leverage recently disclosed vulnerabilities that exist in a wide range of processors. That's obviously because hardly anyone knew they existed. But now that Spectre and Meltdown are public knowledge, you can expect that to change. The question is, when?
AV-Test plotted out the rise in unique malware detections related to Meltdown and Spectre in a graph, which shows a steep climb over the past month. However, most if not all of them are proof-of-concept samples, most likely developed by the security community at large.
That is the determination by Fortinet, anyway. Fortinet analyzed a large chunk of available malware samples based on Meltdown and Spectre and found they were all experimental in nature.
"FortiGuard Labs has analyzed all of the publicly available samples, representing about 83 percent of all the samples that have been collected, and determined that they were all based on proof of concept code. The other 17 percent may have not been shared publicly because they were either under NDA or were unavailable for reasons unknown to us," Fortinet said.
Playing it safe, Fortinet also updated its antivirus definitions to include protections against the malware samples it analyzed.
Samples have also been detected at VirusTotal. In addition, Mozilla previously confirmed that Spectre can be remotely exploited by embedding malicious code into JavaScrip files on webpages.
"Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Our internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins. The full extent of this class of attack is still under investigation and we are working with security researchers and other browser vendors to fully understand the threat and fixes," Mozilla said at the beginning of January.
So what does all this mean? In short, it means we are probably going to see some real-world attempts at exploiting Meltdown and Spectre sometime in the near future.
