Fortinet researchers released a chart that shows the total number of unique samples they uncovered between January 7 and January 22. In this relatively short time frame, they came across 119 malware samples that exploit Meltdown and Spectre flaws. All of them were based on the PoC code.
Security researchers typically release release PoC alongside their vulnerability research paper to demonstrate that a bug is not just theoretical and can indeed be exploited. In the case of Spectre, especially, a PoC may have been necessary because otherwise chip makers may have continued to consider the flaw theoretical, just as they’ve been doing for the past 20 years.
Via: Tom's Hardware