Researchers at malware and security software testing company AV-TEST have discovered 139 samples of malware that "appear to be related to recently reported CPU vulnerabilities." Although most of the samples they discovered seem to be based on proof-of-concept software created by security researchers, the number of unique samples is on the rise.
When a new vulnerability like Spectre or Meltdown is discovered, the typical response is to patch your systems and shut down the potential for threat actors to exploit the weakness. But patches for these issues have been vexed, so many people have either held back or not been able to update their systems.
Adding to the complexity, fixes issued by Intel need to be passed to OEMs, who then send them through their own update systems to end users.
AV-TEST's findings aren't surprising.
[UPDATE: 2018-02-01] #Spectre & #Meltdown: So far, the AV-TEST Institute discovered 139 samples which appear to be related to recently reported CPU vulnerabilities. #CVE-2017-5715 #CVE-2017-5753 #CVE-2017-5754
— AV-TEST GmbH (@avtestorg) February 1, 2018
We already know that most cyber-attacks take many weeks or months to detect. But the reality is the bad guys rely on us not patching systems. The vast majority of attacks are carried out using known vulnerabilities that haven't been patched. Those are easy pickings for cybercriminals as security researchers have done the hard work of finding the vulnerabilities and creating proof-of-concept code for how to exploit the flaws.
All the bad guys need to do is take that information and weaponise it.
If you have systems that haven't been patched, now is the time to get ahead of the bad guys. Most of the major software makers have issued patches that protect their software and, it seems, only a limited range of hardware is known to be affected by the random reboots that have dogged some of the gear Intel has "fixed".