A new Spectre-esque cyberattack has been found — Intel CPUs under attack once again by encryption-cracking campaign

However, AMD appears to be immune to this particular threat


Academic researchers from multiple universities recently discovered a new Spectre-like method of extracting secrets from modern Intel processors. However, Intel says that the original Spectre mitigation fixes these flaws, too.

A group of researchers from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology, and Google discovered that a feature in the branch predictor called the Path History Register (PHR) can be tricked into exposing sensitive data.

Thus, they dubbed the vulnerability “Pathfinder”.

Extracting AES encryption keys

“Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing program control flow history and launching high-resolution Spectre attacks,” Hosein Yavarzadeh, the lead author of the paper, told The Hacker News.

“This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction.”

For those with shorter memories, Spectre was a side-channel attack that exploited branch prediction and speculative execution in processors, allowing attackers to read sensitive data in memory.

The PHR’s job is to keep a record of the last branches taken. It can be manipulated to induce branch mispredictions and thus cause a victim program to run unintended code paths. As a result, sensitive data gets exposed.

In the research paper, the academics demonstrated extracting a secret AES encryption key and leaking secret images during processing by the libjpeg image library.

Intel was tipped off in November last year and released a security advisory addressing the findings in April this year. In the advisory, Intel said that Pathfinder builds on Spectre v1, adding that the previously released mitigations address this problem as well.
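Since the advisory points back to Spectre v1 mitigations, here is what one common form of that hardening looks like in code: branchless index masking, the same idea as the Linux kernel's `array_index_nospec`. This is an added example, not code from the article, the paper or Intel; the function names and the sample table are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* All-ones when index < size, zero otherwise, computed without a branch so
 * there is no prediction for poisoned branch history to steer.
 * Assumes size <= SIZE_MAX / 2 (true for any real object). */
static size_t index_mask_nospec(size_t index, size_t size)
{
#if defined(__GNUC__)
    /* Hide the value from the optimizer so it cannot reintroduce a branch. */
    __asm__ volatile("" : "+r"(index));
#endif
    /* The top bit of t is set exactly when index >= size. */
    size_t t = index | (size - 1 - index);
    return (t >> (sizeof(size_t) * CHAR_BIT - 1)) - 1;
}

/* Spectre v1 shape: the check is architecturally correct, but a mispredicted
 * branch lets the load run speculatively with an out-of-range idx. */
static int lookup_unhardened(const uint8_t *table, size_t len, size_t idx)
{
    if (idx < len)
        return table[idx];
    return -1;
}

/* Hardened: even on a mispredicted path, idx is forced to 0 before the load. */
static int lookup_hardened(const uint8_t *table, size_t len, size_t idx)
{
    if (idx < len) {
        idx &= index_mask_nospec(idx, len);
        return table[idx];
    }
    return -1;
}

int main(void)
{
    static const uint8_t table[16] = { 10, 11, 12, 13 }; /* constructed sample data */
    printf("unhardened, in range:  %d\n", lookup_unhardened(table, 16, 3));
    printf("hardened, in range:    %d\n", lookup_hardened(table, 16, 3));
    printf("hardened, out of range: %d\n", lookup_hardened(table, 16, 4096));
    printf("mask(4096, 16) = %zx\n", index_mask_nospec(4096, 16));
    return 0;
}
```

Both lookups return the same architectural results; the difference is only in what address a speculative load can reach when the bounds-check branch is mispredicted.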

AMD’s silicon seems to be immune to Pathfinder, the researchers concluded.

Those interested in learning more can read the entire paper at this link.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
