Cybercriminals are taking advantage of a well-known vulnerability to trick users into downloading malware.
Cybercriminals have spoofed the website of the German Federal Office for Information Security (BSI). The phishing site looks like the official site and is even SSL-enabled, meaning the site looks secure.
The fake domain links users to a ZIP archive that claims to contain a patch for the Meltdown and Spectre chip vulnerabilities, but in fact contains malware. When users run the "patch," their computers are infected with Smoke Loader malware.
Smoke Loader connects to various domains, sends them encrypted information, and receives additional payloads.
Fortunately, this phishing website is no longer operational. However, hackers are creating similar fake sites for future scams.
Phil Muncaster, "Phishers Push Malware Disguised as Meltdown Fix," www.infosecurity-magazine.com (Jan. 15, 2018).