New Ransomware Can Hide Inside CPU Chips

Christiaan Beek, Senior Director of Threat Intelligence at Rapid7, has introduced the concept of a potentially devastating form of ransomware that directly targets the CPU. The idea emerged from an investigation into a critical vulnerability found in AMD chips.

This vulnerability could allow highly skilled attackers to load unauthorized microcode into the processor, potentially breaking hardware-level encryption and altering the chip’s behavior. Typically, only chip manufacturers are able to update a CPU’s microcode.

If such a vulnerability exists, it could be exploited to change how the processor functions, for example by forcing it to always return the number 4 instead of a random value. Beek demonstrated this concept by creating malicious code that embeds itself in the processor and remains undetectable by traditional antivirus software.
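
As an added example (not from the article or from Rapid7), the following startup health check, a simplified form of the repetition count and adaptive proportion tests in NIST SP 800-90B, flags the failure mode described above: a random source that keeps returning one value. The `rng_source` interface and the three constructed sources are assumptions standing in for the processor's random-number output.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical interface: a source writes one sample, returns 1 on success. */
typedef int (*rng_source)(uint64_t *out);
enum rng_health { RNG_OK, RNG_STUCK, RNG_SKEWED, RNG_READ_ERROR };

/* Draw n samples and apply two health tests in the style of NIST SP 800-90B:
 * repetition count: rep_cutoff (>= 2) equal samples in a row -> RNG_STUCK
 * adaptive proportion: first sample seen prop_cutoff times   -> RNG_SKEWED */
enum rng_health rng_health_check(rng_source src, size_t n,
                                 size_t rep_cutoff, size_t prop_cutoff)
{
    uint64_t first = 0, prev = 0, cur = 0;
    size_t run = 0, first_count = 0;
    for (size_t i = 0; i < n; i++) {
        if (!src(&cur)) return RNG_READ_ERROR;
        if (i == 0) first = cur;
        run = (i > 0 && cur == prev) ? run + 1 : 1;
        if (run >= rep_cutoff) return RNG_STUCK;
        if (cur == first && ++first_count >= prop_cutoff) return RNG_SKEWED;
        prev = cur;
    }
    return RNG_OK;
}

/* Constructed sources (assumptions, not real hardware reads). */
int src_stuck_at_4(uint64_t *out) { *out = 4; return 1; }
int src_alternating_4(uint64_t *out)   /* 4, x, 4, y, ... no back-to-back repeat */
{
    static uint64_t k;
    *out = (k % 2) ? 1000 + k : 4;
    k++;
    return 1;
}

int src_lcg64(uint64_t *out)           /* non-repeating stand-in, not a real TRNG */
{
    static uint64_t s = 1;
    *out = s = s * 6364136223846793005ULL + 1442695040888963407ULL;
    return 1;
}

int main(void)
{
    return !(rng_health_check(src_stuck_at_4, 64, 2, 4) == RNG_STUCK &&
             rng_health_check(src_alternating_4, 64, 2, 4) == RNG_SKEWED &&
             rng_health_check(src_lcg64, 64, 2, 4) == RNG_OK);
}
```

This check catches only a stuck or heavily repeated output; tampered output that varies but is predictable would pass it.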

This development serves as a major wake-up call for the tech industry. Attacks at the microcode and firmware level are nearly impossible to detect using standard cybersecurity tools. The only effective defense is to prevent these vulnerabilities from being exploited — particularly in CPUs and UEFI firmware.