By Shelly Melancon (Switzerland)
A new study has shown that hackers can extract cryptographic keys on personal computers. The study confirmed that PCs with Intel and AMD processors are particularly susceptible to the Hertzbleed attack. This attack is a type of side-channel vulnerability.
The study was completed recently and published on Tom’s hardware site. The researchers described how hackers could steal these cryptographic keys. They said the hackers could easily set up a tool that monitors a PC’s boost frequency and power mechanisms.
The researchers noted that they have confirmed that hackers can exploit Intel and AMD CPUs. However, they stated that they are yet to confirm whether hackers can perform the same process on other computers. The study notes only state that the Hertzbleed attack will work on any PC with the DVFS power algorithm.
Researchers from three American Universities combined to perform this study. They are the University of Washington, the University of Illinois, Urbana-Champaign, and The University of Texas, Austin.
Details About The Hertzbleed Attack Process
According to the study, the malware steals data from a PC by monitoring the effect of various operations on it. The attack tracks the energy signatures of a specific cryptographic workload. This tracking is possible because each system has its unique power signatures.
The hacker can convert the obtained energy details into timing data. Then, he uses this timing data to uncover the cryptographic keys and exploit the owner. The study also revealed that hackers could set up this attack without being close to the PC they want to attack.
The report reads, “the Hertzbleed attack is a frequency side channel. It is a new category of side-channel attacks. Hackers can deploy this attack to steal cryptographic keys from any server.” This attack is so powerful that hackers can use it to steal cryptographic keys from some of the most secure remote servers.”
The study notes that it has successfully tested the attack on all Intel processors. It further states that it has tested it on AMD’s Zen-2 and Zen-3 system processors.
Intel And AMD Don’t Have Any Firmware Patch Plans
Inside sources close to the matter disclosed that neither of the chip giants is ready to develop and launch a firmware to fix the problem. A tech post stated that the only temporary solution is for PC users to disable the frequency boost functionality on their PCs.
Intel calls this functionality the “turbo boost,” while AMD calls it the “precision boost.” However, the post notes that disabling this functionality could slow down the PC’s performance. Intel has issued an official response on the matter. It states that it has shared the report with other chip manufacturers. However, it claims that hackers can’t steal such cryptographic keys unless they operate under lab conditions.
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.