{"id":17934,"date":"2018-11-03T15:48:08","date_gmt":"2018-11-03T15:48:08","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/29473\/Intel-CPUs-Fall-To-New-Hyperthreading-Exploit-That-Pilfers-Keys.html"},"modified":"2018-11-03T15:48:08","modified_gmt":"2018-11-03T15:48:08","slug":"intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/","title":{"rendered":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2018\/11\/i7-800x504.jpg\" alt=\"Intel CPUs fall to new hyperthreading exploit that pilfers crypto keys\"\/><\/p>\n<aside id=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a aria-describedby=\"87 posters participating\" title=\"87 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-crypto-keys\/?comments=1\">reader comments<\/a><\/h4>\n<p><a aria-describedby=\"87 posters participating\" title=\"87 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-crypto-keys\/?comments=1\"><span class=\"comment-count-number\">126<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p>Over the past 11 months, the processors running our computers, and in some cases phones, have succumbed to a host of attacks. Bearing names such as <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/01\/meltdown-and-spectre-every-modern-processor-has-unfixable-security-flaws\/\">Meltdown and Spectre<\/a>, <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/03\/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks\/\">BranchScope<\/a>, <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/06\/tlbleed-a-new-way-to-leak-crypto-keys-on-hyperthreaded-processors\/\">TLBleed<\/a>, and <a href=\"https:\/\/arstechnica.com\/gadgets\/2018\/08\/intels-sgx-blown-wide-open-by-you-guessed-it-a-speculative-execution-attack\/\">Foreshadow<\/a>, the exploits threaten to siphon some of our most sensitive secrets\u2014say passwords or cryptographic keys\u2014out of the silicon microarchitecture in ways that can\u2019t be detected or stopped by traditional security defenses. On Friday, researchers disclosed yet another leak that has already been shown to exist on a wide range of Intel chips and may also affect other makers, too.<\/p>\n<p>PortSmash, as the new attack is being called, exploits a largely overlooked side-channel in <a href=\"https:\/\/en.wikipedia.org\/wiki\/Hyper-threading\">Intel\u2019s hyperthreading technology<\/a>. A proprietary implementation of <a href=\"https:\/\/en.wikipedia.org\/wiki\/Simultaneous_multithreading\">simultaneous multithreading<\/a>, hyperthreading reduces the amount of time needed to carry out parallel computing tasks, in which large numbers of calculations or executions are carried out simultaneously. The performance boost is the result of two logical processor cores sharing the hardware of a single physical processor. The added logical cores make it easier to divide large tasks into smaller ones that can be completed more quickly.<\/p>\n<h2>Port contention as a side channel<\/h2>\n<p>In a paper scheduled for release soon, researchers document how they were able to exploit the newly discovered leak to recover an elliptic curve private key from a server running an OpenSSL-powered TLS server. The attack, which was carried out on servers running Intel Skylake and Kaby Lake chips and Ubuntu, worked by sending one logical core a steady stream of instructions and carefully measuring the time it took for them to get executed.<\/p>\n<p>The specific timing allowed PortSmash to deduce the key being processed in another logical core of the same processor. The resource providing the leak is port contention, a phenomenon that happens when multiple instructions using the same physical processor resources get assigned to various ports to await completion. The vulnerability is indexed as CVE-2018-5407. It affects PCs as well as servers, although the vector for exploit generally favors the latter.<\/p>\n<p>\u201cOur technique can choose among several configurations to target different configurations to target different ports in order to adapt to different scenarios, thus offering a very fine spatial granularity,\u201d the researchers wrote in the paper. \u201cAdditionally, PortSmash is highly portable and its prerequisites for execution are minimal, i.e., does not require knowledge of memory cache-lines, eviction sets, machine learning techniques, nor reverse engineering techniques.\u201d<\/p>\n<p>In an email, Billy Bob Brumley, a professor at the Tampere University of Technology in Finland and one of the authors of the paper, said he expects that chips beyond the Skylake and Kaby Lake architectures are similarly vulnerable with slight modifications to the attack code. \u201cWe strongly suspect AMD Ryzen architectures which feature SMT are vulnerable, but we leave that for future work,\u201d he wrote. \u201c(The real reason is we don\u2019t have the [hardware] to test it on at the moment, so we have to wait.)\u201d<\/p>\n<p>Brumley said the most likely real-world scenario for maliciously exploiting the vulnerability is in so-called <a href=\"https:\/\/en.wikipedia.org\/wiki\/Infrastructure_as_a_service\">infrastructure as a service<\/a> environments, in which a cloud provider hosts all the trappings of an on-premises data center, including the servers, storage and networking hardware, and the virtualization or hypervisor layer.<\/p>\n<p>\u201cPersonally speaking, I feel remote login scenarios are the biggest targeted threat,\u201d Brumley wrote. \u201cHere, a [malicious] user with credentials logs in (e.g. via SSH), compiles the exploit code, and runs it to extract information from other processes running in parallel.\u201d<\/p>\n<p>Brumley said the exploit was written in x64 assembly code that runs locally on a vulnerable computer. He said he knows of no evidence the results can currently be reproduced using JavaScript downloaded from a website. Given the ability of Spectre to be exploited in JavaScript, it remains a possibility. The researchers&#8217; proof-of-concept exploit is available <a href=\"https:\/\/github.com\/bbbrumley\/portsmash\">here<\/a>.<\/p>\n<p>In a statement, Intel officials wrote:<\/p>\n<blockquote>\n<p>This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers\u2019 data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.<\/p>\n<\/blockquote>\n<h2>Hyperthreading under the gun<\/h2>\n<p>PortSmash is the second processor attack that targets hyperthreading. TLBleed disclosed in June also used hyperthreading to determine a private encryption key. The researchers developing that attack ran a program calculating cryptographic signatures using the Curve 25519 EdDSA algorithm implemented in libgcrypt on one logical core and their attack program on the other logical core. They were able to determine the 256-bit encryption key used to calculate the signature with a combination of two milliseconds of observation, followed by 17 seconds of machine-learning-driven guessing and a final fraction of a second of brute-force guessing. The side channel in that case was provided by the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Translation_lookaside_buffer\">translation lookaside buffer<\/a>.<\/p>\n<p>TLBleed was worrisome enough to prompt developers to <a href=\"https:\/\/www.itwire.com\/security\/83301-openbsd-disables-hyperthreading-support-for-intel-cpus-due-to-likely-data-leaks.html\">disable hyperthreading<\/a> in OpenBSD, the operating system that prioritizes security. Brumley also recommended that users disable SMT in their BIOS or choose platforms that don\u2019t offer it at all. Better yet, he told Ars, OS developers should disable SMT at boot time.<\/p>\n<p>On a vulnerability disclosure group thread discussing PortSmash, Alexander Peslyak, the security specialist better known as Solar Designer, <a href=\"https:\/\/seclists.org\/oss-sec\/2018\/q4\/126\">praised the research<\/a> as \u201ctop notch.\u201d He then said that the port contention side-channel has long been obvious and \u201ca fully expected property.\u201d<\/p>\n<p>\u201cMaybe the problem is it wasn\u2019t documented as such,\u201d he wrote. \u201cMaybe we should have put more effort into making it more obvious to everyone in 2005, like it\u2019s finally done now.\u201d<\/p>\n<p>Peslyak went on to say that the version of OpenSSL exploited by PortSmash was doing things that in theory could leak keys even when SMT is turned off, albeit at a pace that would require much more time and many more resources.<\/p>\n<h2>An OpenSSL bug, too<\/h2>\n<p>Paul Kocher, the cryptography security expert who discovered Spectre, agreed that a key weakness that makes PortSmash so alarming was the way OpenSSL carried out sensitive operations using branch instructions that\u2019s based on secret values.<\/p>\n<p>\u201cThis kind of leakage is something that crypto library authors already understand pretty well and know they need to protect against,\u201d Kocher wrote in an email \u201cE.g. it\u2019s typically assumed that any situation where secrets to affect the control flow, such as the condition for a branch, needs to be avoided. As a result, I\u2019d say that this work describes an OpenSSL bug that can be exploited using well-known issues with hyperthreading (and perhaps other ways as well, e.g. branch predictor state).\u201d<\/p>\n<p>OpenSSL developers have since released an update that makes PortSmash infeasible. While details weren\u2019t immediately available, they likely involve changes in the way OpenSSL uses, or interacts with, SMT.<\/p>\n<p>The PortSmash paper, titled <em>Port Contention for Fun and Profit<\/em>, continues to recommend fully disabling SMT, not only to blunt the threat of PortSmash, but also those of TLBleed and two similar attacks known as CacheBleed and MemJam. But the authors go on to recognize the performance loss the countermeasure will have on thread-intensive applications. A defense that would have less of a performance cost is a proposed change to OSes to support logical core isolation requests that apps could make when carrying out sensitive tasks. The selective SMT disabling would inflict a much lower performance penalty, but it also requires a large upfront investment in the form of changes to OSes and the code libraries.<\/p>\n<p>Another approach the authors recommend is for applications to use port-independent code, which \u201ccan be achieved through secret-independent execution flow secure coding practices, similar to constant-time execution.\u201d<\/p>\n<p>To repeat a point made earlier, PortSmash currently poses a threat mainly to people using computers or services that allow untrusted people to use the same physical processor. These users should pay close attention to the research and carefully consider the recommendations. For the time being, the risk to others is likely low, but that could change with more research.<\/p>\n<p><em>This post was updated to add comment from Intel.<\/em><\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/29473\/Intel-CPUs-Fall-To-New-Hyperthreading-Exploit-That-Pilfers-Keys.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":17935,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[2967],"class_list":["post-17934","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflawcryptographyintel"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-03T15:48:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"504\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys\",\"datePublished\":\"2018-11-03T15:48:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/\"},\"wordCount\":1403,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg\",\"keywords\":[\"headline,flaw,cryptography,intel\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/\",\"name\":\"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg\",\"datePublished\":\"2018-11-03T15:48:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg\",\"width\":800,\"height\":504},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw,cryptography,intel\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflawcryptographyintel\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/","og_locale":"en_US","og_type":"article","og_title":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-11-03T15:48:08+00:00","og_image":[{"width":800,"height":504,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys","datePublished":"2018-11-03T15:48:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/"},"wordCount":1403,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg","keywords":["headline,flaw,cryptography,intel"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/","url":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/","name":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg","datePublished":"2018-11-03T15:48:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/11\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys.jpg","width":800,"height":504},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/intel-cpus-fall-to-new-hyperthreading-exploit-that-pilfers-keys\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw,cryptography,intel","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflawcryptographyintel\/"},{"@type":"ListItem","position":3,"name":"Intel CPUs Fall To New Hyperthreading Exploit That Pilfers Keys"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/17934","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=17934"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/17934\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/17935"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=17934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=17934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=17934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}