Researchers discovered a new cybercriminal campaign called Inception that overlaps with the 2018 Spectre operation. Based on reports, the recent cyberattack exploits the CVE-2023-20569 vulnerability in AMD Zen CPUs, which could leak sensitive information.
The cybercriminal operation occurred several days after the disclosure of Zenbleed, a critical bug that impacts AMD Zen 2 processors.
The Inception campaign is a combination of two older attacks.
Inception is a new class of transient execution campaigns that works by combining the previous Phantom speculation cyberattack and Training in Transient Execution (TTE).
Researchers explained that the exploit could enable attackers to deceive the CPU into believing that an XOR instruction is a recursive instruction. Hence, the campaign could cause a stack buffer overflow condition and expose arbitrary data from an unprivileged process that operates on any AMD Zen CPU.
Furthermore, the campaign could bypass the mitigations that have been adopted for all known speculative execution attacks.
Experts noted that any system with a compromised CPU could potentially be the target of the Inception attack. The campaign also poses a significant threat in cloud computing, where numerous organisations share similar hardware infrastructure for storing data. Hence, the newly discovered cybercriminal campaign could endanger data security across virtual environments, cloud providers, and hardware manufacturers.
On the other hand, after receiving the alerts about the exploit, AMD acknowledged that the cybercriminal operators could trigger the process through downloader malware. However, the company is not aware of the flaw being exploited in the wild, and it suggested that customers adopt security best practices to mitigate its effects. In addition, firms should keep their software and malware detection tools updated to avoid unwanted exploitation.
AMD has now rolled out microcode for the Zen 3 and Zen 4 CPU architectures to address the exploit. The Zen and Zen 2 CPU architectures are safe since they have a feature that flushes branch-type predictions from the branch predictor.
AMD looks to release the updated AGESA versions to the ODMs, OEMs, and motherboard manufacturers included in its security update.
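To confirm that a Linux host has actually picked up the fix for CVE-2023-20569, an administrator can read the status the kernel reports for this issue. The script below is an added example, not code from AMD or from the reports summarised here; the sysfs path, the function names and the sample status strings are assumptions that do not appear in the article, and the exact wording of the status line varies by kernel version.

```shell
#!/bin/sh
# Added example. Reads the Linux kernel's status line for Inception
# (CVE-2023-20569) and turns it into a coarse verdict.
SRSO_FILE=/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow

# classify_srso STATUS -> not_affected | mitigated | vulnerable | unknown
# Relies on the prefixes the kernel uses across its vulnerabilities/ files.
classify_srso() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# needs_microcode STATUS -> exit 0 when the kernel says microcode is missing.
# Assumption: the status contains "no microcode" in some letter case.
needs_microcode() {
    lower=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$lower" in
        *"no microcode"*) return 0 ;;
        *)                return 1 ;;
    esac
}

# srso_report [FILE] -> one line: "<verdict>|<microcode hint>|<raw status>"
srso_report() {
    file=${1:-$SRSO_FILE}
    if [ ! -r "$file" ]; then
        echo "unknown|n/a|status file not present (older kernel or non-Linux)"
        return 0
    fi
    status=$(head -n 1 "$file")
    if needs_microcode "$status"; then hint=microcode_missing; else hint=ok; fi
    echo "$(classify_srso "$status")|$hint|$status"
}

# Constructed sample status lines (wording varies by kernel version).
for sample in "Not affected" "Mitigation: Safe RET" \
              "Vulnerable: Safe RET, no microcode"; do
    printf '%-40s -> %s\n' "$sample" "$(classify_srso "$sample")"
done
srso_report
```

A `vulnerable` verdict with the `microcode_missing` hint points to a host that still needs the firmware or microcode update from its vendor, while `unknown` usually means the running kernel predates reporting for this issue.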