
Ransomware, which holds data hostage for financial gain, is an ongoing threat in the tech landscape. Recent developments show that ransomware is evolving to exploit CPU microcode, a crucial component governing processor functionality. This change suggests a rising trend in which malicious entities could manipulate microcode, creating a serious security gap.
A recent discovery concerning BIOS vulnerabilities demonstrated that the microcode of AMD’s older CPUs could be modified, inspiring security experts like Christiaan Beek, an analyst at Rapid7, to explore ransomware development that leverages these vulnerabilities. Beek stated, “Coming from a background in firmware security, I thought I could create CPU ransomware.”
While he confirmed that the ransomware has been developed, there is no intention to release it publicly. Beek notes that the unique aspect of this malware is its ability to hide within a CPU’s microcode, thus bypassing existing security systems. This raises concerns over the efficacy of current protective measures against ransomware, highlighting a significant gap in cybersecurity practices.
“We shouldn’t have to talk about ransomware in 2025,” Beek noted, criticizing the tech industry’s lack of progress in this area despite technological advancements.