Factsheet
CVE identifiers CVE-2017-5753 (Spectre-V1),
CVE-2017-5715 (Spectre-V2)
CVE-2017-5715 (Spectre-V2)
Date discovered December 2017; 8 years ago (2017-12)
Affected hardware All pre-2019 microprocessors that use branch prediction
CVE identifiers CVE-2017-5753 (Spectre-V1),
CVE-2017-5715 (Spectre-V2)
CVE-2017-5715 (Spectre-V2)
Date discovered December 2017; 8 years ago (2017-12)
Affected hardware All pre-2019 microprocessors that use branch prediction
Wikipedia
en.wikipedia.org › wiki › Spectre_(security_vulnerability)
Spectre (security vulnerability) - Wikipedia
2 weeks ago - Spectre is a class of speculative execution CPU vulnerabilities that involve side-channel attacks, first discovered in 2017. There are multiple variants that affect modern microprocessors capable of performing branch prediction and other forms of speculative execution. On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers. For example...
Virus Bulletin
virusbulletin.com › virusbulletin › 2018 › 07 › does-malware-based-spectre-exist
Virus Bulletin :: Does malware based on Spectre exist?
The Spectre attack [1] has received massive coverage since the beginning of 2018, and by now, it is likely that everyone in computer science has at least heard about it. Spectre exploits the fact that speculative execution resulting from a branch misprediction may reveal private data to an attacker.
Videos
10:10
Spectre Explained - The Attack that took the world by surprise ...
17:13
Spectre & Meltdown: What You Need to Know - YouTube
11:15
Facts About Meltdown and Spectre Viruses - YouTube
07:43
Why are Spectre and Meltdown So Dangerous? - YouTube
06:40
Meltdown & Spectre vulnerabilities - Simply Explained - YouTube
Avast
avast.com › c-meltdown-spectre
Meltdown & Spectre: More Than an Intel Security Flaw
September 16, 2025 - Malware Viruses Ransomware Phishing Scams Hacking Other Threats Passwords Business Security Tips See all Security articles ... Browser IP Address VPN Streaming Identity Protection Dark Web Digital Life Privacy Tips See all Privacy articles ... Originally discovered in June 2017 and still plaguing us today, Meltdown and Spectre are two of the world’s most widespread hardware vulnerabilities.
Microsoft
microsoft.com › en-us › wdsi › threats › malware-encyclopedia-description
Exploit:Win32/Spectre.A threat description - Microsoft Security Intelligence
January 9, 2018 - Understand how this virus or malware spreads and how its payloads affects your computer. Protect against this threat, identify symptoms, and clean up or remove infections.
Meltdown Attack
meltdownattack.com
Meltdown and Spectre
Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location.
Spectreattack
spectreattack.com › spectre.pdf pdf
Spectre Attacks: Exploiting Speculative Execution
As a third example of exploiting conditional branches, we developed a reliable proof-of-concept which leaks kernel · memory from an unmodified Linux kernel without patches · against Spectre by abusing the eBPF (extended BPF) interface.
The Record
therecord.media › first-fully-weaponized-spectre-exploit-discovered-online
First Fully Weaponized Spectre Exploit Discovered Online | The Record from Recorded Future News
February 26, 2024 - In particular, Voisin said he found a Linux Spectre exploit capable of dumping the contents of /etc/shadow, a Linux file that stores details on OS user accounts. Such behavior is clearly malicious; however, there is no evidence that the exploit was used in the wild, as it could have also been uploaded on VirusTotal by a penetration tester as well.
BleepingComputer
bleepingcomputer.com › home › news › security › working windows and linux spectre exploits found on virustotal
Working Windows and Linux Spectre exploits found on VirusTotal
March 2, 2021 - As Google found, Spectre also affects major operating systems, including Windows, Linux, macOS, Android, and ChromeOS. Since its discovery, the hardware bug has received firmware patches and software fixes from all major processor and OS vendors. Voisin found the two working Linux and Windows exploits on the online VirusTotal ...
Malwarebytes
malwarebytes.com › home › spectre attacks come back from the dead
Spectre attacks come back from the dead
May 4, 2021 - Speculative execution happens when a computer processor does some work it might need later, instead of waiting until it knows it definitely needs it. What emerged in 2018 is that speculative execution opens the possibility of side-channel attacks. Spectre-based attacks trick a program into accessing arbitrary locations in a program’s memory space.
Miami
security.it.miami.edu › stay-safe › sec-articles › meltdown-and-spectre › index.html
Critical Security Vulnerabilities - Meltdown and Spectre - Affect Computers, Mobile Devices, and Servers | Information Security Office
Github.com has compiled a list ... and Spectre vulnerabilities for both operating systems and web browsers: https://github.com/hannob/meltdownspectre-patches. Remember to always use good security practices for the care of your electronic devices, such as protecting your passwords/passphrases; running anti-virus software; ...
Jumpstarttech
jumpstarttech.com › jumpstart technology | it support & services company | mountain view, san francisco, ca › blog › the spectre virus makes a comeback
The Spectre Virus Makes a Comeback | Jump Start Technology
August 17, 2018 - What is NetSpectre? To perform Spectre attacks, malware would have to run on a targeted machine to extract sensitive data. But in late July, Austrian security researchers found a way to launch Spectre-style attacks remotely without locally installed malware.
YouTube
youtube.com › red hat
Meltdown and Spectre in 3 Minutes - YouTube
Meltdown and Spectre are two major security issues that threaten nearly all computers and mobile devices. In three minutes, this animation explains where the...
Published January 5, 2018 Views 202K
Reddit
reddit.com › r/ghostspectre › has anyone ever reported any kind of malware in ghost spectre os?
r/ghostspectre on Reddit: Has anyone ever reported any kind of malware in ghost spectre OS?
April 6, 2023 -
I am very well aware that i might be a victim of fearmongering, but the people always screaming to not use any windows copy that doesn't come directly from microsoft site itself do have a point. Any malware embedded into the OS can stay hidden. I am very interested in ghost spectre but i want to make sure that its safe before i test it. The ghost spectre site itself honestly doesn't inspire me much confidence.
Top answer 1 of 6
7
There have been accusations of Rootkits and Keyloggers. People use Linux "Distros" all the time and never accuse the creators of malicous intent. This is exactly the same thing. I did a basic analysis over 2 weeks using various tools and baiting a gmail account. I didnt find anything. I would suggest using Malwarebytes and NetLimiter just to be safe. The GhostSpectre Toolkit reaches out to Onedrive and Dropbox to update itself, if a payload were to be delivered it would be through that tool so i suggest using it to get your initial setup done then not using it after that. OneDrive URL hosted at: dviepa.bl.files.1drv.com 13.107.42.12 Script source located here: c:\windows\system32\migwiz\dlmanifests\run.ghost.cmd Dirty Indicators: 13.107.42.12 https://www.abuseipdb.com/check/13.107.42.12 A Dirty IP Address will not necessary indicate malicious intent by the creator of Ghost Spectre because Microsoft will undoubtedly host many end-user accounts on a single IP Address on the Onedrive infrastructure . Most of the reports are for E-mail phishing, e-mail phishing would be an unlikely attack vector for a compromised OS. Clean Indicators: https://www.virustotal.com/gui/domain/dviepa.bl.files.1drv.com/details https://otx.alienvault.com/indicator/hostname/dviepa.bl.files.1drv.com These clean indicators strongly indicate that the creator is not acting maliciously because the "dviepa" in the URL is likely linked directly to the creators account or a small subset of onedrive users.
2 of 6
4
I've been using ghost spectre on my laptop and OneXPlayer 2 and have had no reports of Malware from either Malwarebytes or Windows Defender.
GitHub
gist.github.com › ErikAugust › 724d4a969fb2c6ae1bbd7b2a9e3d4bb6
Spectre example code · GitHub
It only adds instructions for the OS to reset the branch predictor when switching between processes. Full mitigation of within process Spectre would require disabling branch prediction all together. Leading to Intel Atom <2013 speeds, at approximately 1/6th of the performance you have now. ... @HenkPoley The example is about in-process exploits.
Virus Bulletin
virusbulletin.com › uploads › pdf › magazine › 2018 › 201807-Spectre-malware.pdf pdf
VIRUS BULLETIN www.virusbulletin.com 1 JULY 2018 Covering the
surprising as new versions of Spectre were released in May, ... FlushReload.A!tr" virus.