- Originally Published: Jul 2017
Fileless malware is a dangerous and devious threat, and it’s gaining traction. This ebook looks at what it is, how it could affect your organization, and ways you can protect against infections, reduce exposure, and prevent the damage from spreading to other networked systems.
From the ebook:
Typical malware detection software functions based on signature detection or identifiable pieces of code that are unique to a particular type of infection. Other malware, such as ransomware, doesn’t always leave a trace; however, through heuristics scanning, the behaviors specific to ransomware may be detected and halted, allowing users to take action to protect their data.
But how do you protect against an infection that does not have a signature that clearly identifies it or that performs a behavior that is out of the norm, such as encrypting hundreds of files per second? Furthermore, what can be done when the very commands and applications being called forth by the infection are native to the operating system and are used to perform actual management tasks?
These are characteristics of fileless malware, a type of malware that does not rely on virus-laden files to infect a host but rather attacks a system from the inside to execute malicious code in resident memory. Its attack methods use stealth approaches to mask the commands it employs to keep access hidden and to conceal network traffic between infected hosts and remote command & control (C&C) servers, leaving a backdoor open for future malware attacks to occur.