Can GPUs be exploited by cybercriminals?

Given the ubiquity of GPUs in the modern computing world, it's no surprise that they've become the target of attacks. But how can a GPU be hacked and are you at risk for such a case?

Can GPUs be hacked?

In short, yes. Theoretically, graphics cards can be hacked, especially when using malicious code. In fact, almost any type of computer hardware component is vulnerable. Motherboards, CPUs, SSDs, and more can be exploited by hackers, often through vulnerabilities, and GPUs are no exception.

In the case of GPUs, malicious code can be stored in the memory of the graphics card without the owner knowing about it. From here, hackers can initiate their malicious actions in the background.

How does GPU hacking work?

Now, you know that it is possible to hack a GPU. But have these mining operations been done in the past and are they common?

Currently, thankfully there are no notable examples of common GPU hacks, but cybercriminals have begun to conduct such attacks.

In August 2021, Bleeping Computer reported that a new type of GPU mining was for sale on a hacker forum. The mining method has been sold in the form of PoC (Proof-of-Concept). In other words, the technique is provided in a file demonstrating how this exploit can be used. The method is said to involve storing malicious code in the GPU's cache. From the cache, the code can be executed. Users who have posted this method say that the technique only works on Windows systems and can execute code on different processors using the OpenCL framework version 2.0 or later.

At the beginning of the article, the author thinks that this method can avoid the detection of anti-virus software through RAM scanning.

You might think all of this sounds pretty vague, but the creator of the mining method also claims to have tested the method on various GPU models, including the AMD Radeon RX5700 and NVIDIA GeForce GTX 1650. If true, this means that this method already works on some graphics cards.

This discovery seems to mark a point in the history of cybercrime, in which hackers began to turn to GPUs as an exploitative avenue.

One day, GPUs could effectively act as Trojan horses using this kind of approach. Given that Trojans are designed to hide and avoid detection by anti-virus software, they are capable of storing malware for long periods of time.

In March 2022, another related story arose. According to PC World, cybercriminals leaked NVIDIA's code-signing certificate through a hack, allowing malware files to be downloaded while evading detection by Windows Defender. Remote access Trojans can be deployed using some of these certificates, again highlighting the role that GPUs can play in deploying Trojan malware.

Currently, GPU hacks are not common, and it is likely that they will never happen. While it is certainly possible to hack a GPU, the process can be time- or resource-intensive.

Why hack GPU?

Even if it is possible to hack the GPU, why would cybercriminals want to pursue this type of exploitation? There is much that can be achieved here.

First, it's important to note that hackers will test any attack vector, be it hardware or software based. After all, it can prove to be highly effective.

In addition, if the GPU can act as a Trojan horse, it could effectively provide cybercriminals with an effective way to attack devices while remaining under the radar of anti-virus software. Through this, hackers can continue to exploit devices for a longer period of time, allowing them to access sensitive data or perform more remote functions.

How to avoid being hacked GPU

Because GPU hacks still largely exist in the theoretical realm, it's difficult to know exactly how to avoid them. For now, the most you can do is follow these tips:

1. Avoid downloading files online from shady or third-party websites.

2. Use a reputable anti-virus program.

3. Buy your GPU(s) from verified sellers.

4. Buy your laptop and PC from verified sellers.

Isabella Humphrey

Update 28 July 2023