Warning: Fake Spectre and Meltdown patch spreads Smoke Loader malware

One of the most common tactics cybercriminals use is to set up fraudulent websites that deceive users by riding on current trends. The recent Meltdown and Spectre CPU security bugs, which received widespread publicity, have been exploited in this way.

Malwarebytes has now discovered a fake update package that installs malware on the computer. In a post on its website, the company says that a few days ago it found a newly registered domain hosting an information page with links to a variety of external resources about Meltdown and Spectre and how they affect processors. Although the site claims to be from the German Federal Office for Information Security (BSI), this SSL-enabled phishing site is in fact not affiliated with any legitimate or official government agency.

Once the user has downloaded and installed the resources provided by the page, the PC is infected with malware named “Smoke Loader.” It then connects to a number of domains, sends encrypted traffic, and downloads further payloads.

Malwarebytes has been in contact with CloudFlare and Comodo to have the site dealt with. However, similar threats still exist, so users are advised to stay cautious and download updates only from trusted sources.

Reference: Malwarebytes