Fileless Malware

Fileless Malware

Have you ever heard about fileless malware ?

It’s a, relatively, new way of attacking your computer.

Traditional malware and virus are detected by security software because they create a file on computer.
The virus has a footprint, a signature, it’s a sequence of characters that anti-malware tools scan and search for on your computer.
If that sequence is found in a file, the security software flags that file as infected.

Fileless malware does not write a file, fileless malware is written directly to RAM, random access memory, and doesn’t leave behind traces of its existence.
This form of malware uses vulnerabilities already existing in your system, mostly because your operating system or browser or programs are not patched for security or some sketchy software was installed.

How this can happen ?

Legitimate-looking websites that actually are malicious.
Phishing emails, malicious downloads, and links that look legitimate.
When you click on these links, they load to your PC’s memory, enabling hackers to remotely load codes via scripts that capture and share your confidential data.
But also macros executed in Microsoft Word or JavaScript.
Windows Management Instrumentation (WMI) and Microsoft PowerShell.

What can you do ?

First and foremost be always alert.

Carefully analyze the content of your emails, do not click on dubious links, do not install random software, do not try to save money buying cheap software on internet; if the price is too good to resist, chances are very high that the software is either illegal, counterfeit or just a plain malware when you try to install it.

If you know what and how to do it, keep all of your system updated.

Use a reliable and powerful protection software.

Trust a professional.