Malware hidden in Nvidia GPUs can infect Macs too, say developers behind proof of concept
Anonymous developers who have successfully infected Nvidia GPU cards with malware on both Linux and Windows machines say that the same can be done on Macs, and that they will release the proof soon. The aim of the whitehat developers is to raise awareness of this new method of attack, reports IT World.
The team successfully created a piece of malware called WIN_JELLY which acts as a Remote Access Tool, enabling attackers to control a machine over the Internet. They now plan to release a version for OS X called MAC_JELLY, demonstrating that Macs too are vulnerable.
There are, they say, two core problems. First, the growing power of modern GPUs means that it is increasingly common for processing tasks to be passed to them, something that would look legitimate to the OS. Second, most security tools designed to detect malware don’t scan the RAM used by the GPU.
The developers hint that the Mac version of the exploit will use OpenCL, a framework for writing code that can run on multiple platforms – including GPUs – and which is installed as standard as part of OS X.
While Mac and iOS malware is rare, neither platform is immune from attack. Wirelurker was last year found to be capable of infecting non-jailbroken iOS devices when connected to Macs running compromised software, and Flashback infected hundreds of thousands of Macs back in 2012.
Apple recently pulled many antivirus apps from the iOS app store, though this may be because many of them performed no useful function.