Skip to main content
  1. Home
  2. Computing

GPUs could become Trojan horses for future cyberattacks

By
NVIDIA CEO Jensen Huang at GTC
Nvidia

The graphics card inside your computer is a powerful tool for gaming and creative work, but it can also potentially serve as a Trojan horse for malware. Cybercriminals are finding ways to exploit graphics cards and their VRAM to inject malicious code into your system. The approach is claimed to have worked during a proof-of-concept hack on both discrete and integrated GPUs from AMD, Intel, and Nvidia.

Because antivirus software today cannot scan the graphics card’s own video RAM, known as VRAM, hackers are now targeting GPUs to carry out their dirty work. On the other hand, conventional methods used today that target the system’s main memory would trigger the antivirus software.

Recommended Videos

According to Bleeping Computer, a brief description of the hack was posted on a hacker forum, where one seller was trying to sell his proof-of-concept method to exploit the VRAM on GPUs. The seller stated that the method worked on Intel’s integrated UHD 620 and 630 graphics, as well as discrete solutions including the AMD Radeon RX 5700 and Nvidia GeForce GTX 1650. It’s unclear if the attack would also work on other GPUs, like the recent Radeon RX 6000 series from AMD and the Geforce RTX 3000 series from Nvidia, both of which have seen high demand and short supply.

Get your weekly teardown of the tech behind PC gaming
Check your inbox!
Privacy Policy

The listing to sell the proof of concept was posted on August 8, and the method of exploit was sold on August 25, though details about the transactions were not revealed. It’s unknown who purchased the hack or how much was paid.

Though specifics about the exploit that was sold to other hackers are not known, cybersecurity researchers at VX-Underground stated that the method allowed the code to be run by the GPU and in the VRAM rather than by the CPU. The researchers said that they will be demonstrating the method of exploit soon.

While targeting the GPU for cyberattacks may be different from traditional hacks today, the method isn’t entirely novel. This latest exploit follows a similar proof of concept from six years ago known as JellyFish.

With the JellyFish proof of concept, researchers exploited the graphics card with a GPU-based keylogger. The seller of this latest GPU-based hack denied similarities behind his method and JellyFish, Bleeping Computer stated.

Given that your GPU could potentially be exploited by a malicious actor in the future to hide and execute malware, PC owners, gamers, and creators should stay vigilant of suspicious emails, links, files, and downloads. This is especially pertinent given that malware that sits in VRAM can be undetectable by antivirus software.

Editors’ Recommendations

Topics
Chuong Nguyen
Chuong Nguyen
Former Digital Trends Contributor
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
AMD’s multi-chiplet GPU design might finally come true
RX 7900 XTX installed in a test bench.

An interesting AMD patent has just surfaced, and although it was filed a while back, finding it now is all the more exciting because this tech might be closer to appearing in future graphics cards. The patent describes a multi-chiplet GPU with three separate dies, which is something that could both improve performance and cut back on production costs.

In the patent, AMD refers to a GPU that's partitioned into multiple dies, which it refers to as GPU chiplets. These chiplets, or dies, can either function together as a single GPU or work as multiple GPUs in what AMD refers to as "second mode." The GPU has three modes in total, the first of which makes all the chiplets work together as a single, unified GPU. This enables it to share resources and, as Tom's Hardware says, allows the front-end die to deal with command scheduling for all the shader engine dies. This is similar to what a regular, non-chiplet GPU would do.

Read more
These are the best GPU board partners to buy
The RTX 3060 installed in a gaming PC.

Buying one of the best graphics cards is a great way to ensure that your next graphics card upgrade is a good one. But it's not always as simple as just picking between AMD and Nvidia within your price range. You also have the third-party board partners to choose from, which take Nvidia's or AMD's GPUs and repackage them with different specs and shroud designs.

If you're looking to buy a new graphics card and want some help in choosing the right one for you, here are some of the best GPU manufacturers worth considering.
Nvidia Founders Edition

Read more
Snag Starfield and Lies of P for free with these AMD GPUs
AMD's RX 7700 XT in a test bench.

No one can argue with free games, and that's exactly what AMD is offering with the purchase of a new RX 7800 XT or RX 7700 XT. You'll have to spend hundreds of dollars on a GPU, sure, but at least you're getting some free games to try it out with -- as well as one of the best graphics cards available right now.

It's a choose-your-own-adventure style of promotion. AMD has four games available, and you get to choose two to keep. The list includes Starfield, Lies of P, Avatar: Frontiers of Pandora, and Company of Heroes 3, all four of which have seen promotions from AMD in the past. I'm partial to Lies of P, which catapulted to the top of my list of favorite games last year with its tight, Bloodborne-style combat and dark fantasy take on the classic tale of Pinocchio.

Read more