Ransomware Can Attack Your CPU, Not Just Your OS: How to Be Prepared

Ransomware is a serious problem in its current state, and it’s about to get worse. All your security programs and measures will be rendered useless when ransomware comes for your CPU.

Ransomware Can Lock Your CPU

Ransomware generally locks system files and other documents inside your OS and renders your PC practically unusable. CPU ransomware, on the other hand, changes your processor’s microcode, completely changing its behavior.

Only chip manufacturers such as AMD or Intel can provide microcode for their respective processors. This comes preloaded from the factory, and you might get updates later that improve performance or stability, or fix bugs. If hackers are able to exploit a CPU firmware bug to upload malicious microcode to your processor, it’s pretty much game over.

Although the chances of this happening are quite slim, it is no longer a purely theoretical possibility. Google has already demonstrated that it could inject custom microcode into an AMD Zen CPU by exploiting a bug, making the processor choose the number four every time it was asked for a random number.

To make matters worse, Christiaan Beek, senior director of threat analytics for cybersecurity firm Rapid7, has already developed a working proof-of-concept, according to The Register. Thankfully, he’s not releasing it, but now that the idea is out in the wild, it won’t be long before hackers figure it out. In Beek’s own words,

if they worked on it a few years ago, you can bet some of them will get smart enough at some point and start creating this stuff.

There is a possibility that hackers might already be working on CPU or firmware ransomware. UEFI bootkits that allow hackers to bypass Secure Boot and inject malware into a system’s firmware already exist and are openly sold on hacking forums on the dark web. Beek also cited conversations from the 2022 Conti ransomware leaks that suggest hackers might be working on proof-of-concept ideas that install ransomware inside a computer’s UEFI firmware.

Can You Protect Yourself?

While antivirus programs can detect ransomware infections early on and block the processes from running, CPU ransomware is beyond their reach. If a CPU gets infected by ransomware, the malicious program will load even before the OS, bypassing every traditional security measure in place and gaining complete access to every system component.

The good news is you don’t need to start worrying just yet, as Beek hasn’t seen any working malware samples in the wild so far. It’s unlikely that hackers will be able to come up with a working exploit for at least a couple of years. Even if a working exploit is discovered, you can bet CPU manufacturers will rush to patch the issue and release firmware updates. On top of that, CPU vulnerabilities of this scale are quite rare in the first place.

Better security is already one of the reasons why you should update your PC’s BIOS. With CPU ransomware looming on the horizon, an updated BIOS and CPU drivers become even more important. Just keep your software updated, don’t click on random emails and links, and check before running programs downloaded off the internet, especially if you don’t trust the website or sender.
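
To see which microcode revision each core is actually running after a BIOS or OS update, you can read it from /proc/cpuinfo on Linux. The script below is an added example, not from the original article: it flags cores of the same CPU model that report different revisions, and revisions below a minimum you supply. The sample data and revision numbers are constructed, and the baseline values are an assumption you fill in from your CPU vendor's advisory.

```python
import re
from collections import defaultdict

# Constructed sample in /proc/cpuinfo format (values are made up, not from a real machine).
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: AuthenticAMD
cpu family\t: 25
model\t\t: 33
stepping\t: 2
microcode\t: 0x1234

processor\t: 1
vendor_id\t: AuthenticAMD
cpu family\t: 25
model\t\t: 33
stepping\t: 2
microcode\t: 0x1230
"""

def parse_cpuinfo(text):
    """Return one dict of fields per logical CPU from /proc/cpuinfo-style text."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        parts = (line.partition(":") for line in block.splitlines())
        fields = {k.strip(): v.strip() for k, sep, v in parts if sep}
        if "processor" in fields:
            cpus.append(fields)
    return cpus

def audit_microcode(text, baseline=None):
    """Flag mixed or below-baseline microcode revisions per CPU signature."""
    # baseline (assumption): {(vendor, family, model, stepping): minimum revision as int}
    baseline = baseline or {}
    seen = defaultdict(set)
    for cpu in parse_cpuinfo(text):
        if "microcode" in cpu:
            sig = tuple(cpu.get(k) for k in ("vendor_id", "cpu family", "model", "stepping"))
            seen[sig].add(int(cpu["microcode"], 16))
    findings = []
    for sig, revs in seen.items():
        if len(revs) > 1:  # cores of one CPU model should all run the same revision
            findings.append(("mixed", sig, sorted(revs)))
        minimum = baseline.get(sig)
        if minimum is not None and min(revs) < minimum:
            findings.append(("outdated", sig, sorted(revs)))
    return findings
```

On a real system, pass the contents of /proc/cpuinfo to audit_microcode() instead of the sample. This is an inventory check of the revision the kernel reports, useful for confirming that an update was applied across a fleet.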
