Can Graphics Cards Get Viruses? Answered in Detail

We often see software being affected by malware or virus. For now, there is a belief that PC hardware only has some sort of coding that cannot be rewritten or edited by a computer virus. However, in the past few months when there was a huge shortage of GPUs in the market, there were reports of malicious threats via graphics cards to your PC. And in this article, we would answer your question about whether GPUs are affected by viruses or not.

Yes, Cyberattacks are also being carried out through malware that executes the code from your graphics card without being detected by your Antivirus program. The technique used in this method is called PoC (Proof-of-Concept) which prevents the malware from being scanned by anti-malware programs when the data is present in your system’s RAM.

The script is run on your vBIOS, therefore the virus takes control of your GPU before you log in to your Windows.

How Malware is Affecting Your System Through GPU?

So far, there isn’t much information about how the malicious code is run to affect your PC. In a report published by Bleepingcomputer, it is mentioned that they execute the malicious code from the VRAM of your graphics card. Also that the code only works on the Windows operating systems and the OpenCL framework. As there are no malware analysis tools made for graphics cards, this left a loophole for cyber attackers to get into your PC.

Most antivirus programs scan the physical memory (RAM) of your computer to find out malicious files. Therefore, these anti-malware applications do not have access to scan the VRAM of your graphics card.

List of the Graphics Cards That Are Prone to Viruses

The PoC code was successfully tested on some of the graphics cards listed below:

• AMD Radeon RX 5700
• Nvidia GTX 1650
• Nvidia GeForce GTX 740M (laptop GPU)
• Intel UHD 620/630

We really don’t know if the code can be executed through other graphics cards that are not mentioned in the list above. But if you look at the AMD Radeon RX 5700 which is built on AMD’s RDNA architecture, there are higher chances of other GPUs being affected by the malware built on the same architecture.

Well, Nvidia and AMD have to address these issues and make their chips secure for end-users. But as the PoC technique remains a mystery, it would take some time for security programmers at Nvidia and AMD to overcome this issue.

The history of GPUs being affected by viruses is not a new thing. Back in the year 2015, JellyFish, a Linux-based GPU rootkit was introduced that was a kind of GPU Keylogger or Trojan used to interact with your graphics card through OpenCL. So, graphics cards from AMD and Nvidia that supported OpenCL 2.0 were more likely to get infected by this malicious code.

Are There Any Risks Associated with GPU Malware Attacks

Generally speaking, there is no risk of leaking sensitive information if a malware affects your GPU. PoC technique or JellyFish rootkit both execute the commands from your VRAM (video memory), and there is no such sensitive information to be found in your VRAM.

Hackers use your graphics card to run high-speed parallel calculations. Other than this, they won’t be getting any extra benefits by taking control of your GPU. But don’t worry, there are hardly any cases reported by users regarding their GPU being infected by a virus.

How to Prevent GPU Malware Attacks

Like we’ve said earlier, there are hardly any antivirus applications that scan your video memory to look for malicious files. Until, platforms like Avast, Norton, etc develop a solution to scan your VRAM for malware, there are some precautions you could take to be on the safe side:

• Updating the drivers of your graphics card
• Buying a graphics card built on the latest architecture helps in boosting the overall security and performance.
• Going with GPUs that support OpenCL 3.0 rather than Open CL 2.0