Malware uses Intel CPU feature to steal data

Microsoft’s security team has come across a malware family that uses Intel’s Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.

Because of the way the Intel AMT SOL technology works, SOL traffic bypasses the local computer’s networking stack, so local firewalls or security products won’t be able to detect or block the malware while it’s exfiltrating data from infected hosts.

9 Comments

  1. 2017-06-08 10:40 pm
    • 2017-06-09 12:05 am
      • 2017-06-09 3:46 am
      • 2017-06-09 2:30 pm
        • 2017-06-09 3:37 pm
    • 2017-06-09 4:21 pm
  2. 2017-06-09 1:15 am
  3. 2017-06-09 7:46 am
  4. 2017-06-09 8:35 am