Only two weeks after the disclosure of the Spectre and Meltdown attacks, two new similar attacks against emerged on the internet. The attacks are called Skyfall and Solace and the discoverers of the attacks registered two websites. On these sites they explain the new attacks are based on Spectre and Meltdown and will be announced soon.
It’s unknown who the people behind both websites are and information about the new attacks is scarce. The two websites, Skyfallattack.com and Solaceattack.com, don’t mention any Common Vulnerability and Exposures (CVE) number that make it possible to identify the vulnerabilities.
This has been done intentionally, as the authors of the site write, “full details are still under embargo and will be published soon when chip manufacturers and Operating System vendors have prepared patches.”
The websites are both registered on the 12th of January this year and the owners of the domains have used a anonymisation service. This makes it impossible to find out who the owners of the domains are.
It’s not likely that the security researchers who found Spectre and Meltdown are also behind Skyfall and Solace. They were not secretive about their identify, and used contact data of the Technical University of Graz where some of them worked/studied.