Fileless Attacks Are On The Rise.

in #writing, 6 years ago (edited)

This is not the first time I've come across the term "fileless", but until now I had no interest in it. For more than a year, however, I have been finding more and more articles describing the devastation it causes. Let's talk about it today.


Attackers never sleep, and they are using another type of attack.

Let us begin with the basics, the meaning of the word: fileless literally means "without a file".
Fileless malware is thus a hostile program that runs without installing any files.

But how is that possible? I am going to explain it in a very simplified way, and I apologize in advance to the purists and all the other experts who may pass by…

Roughly, the key point of these attacks is that they run from the RAM of your computer.

They are thus difficult to detect. The positive side is that a simple restart will stop them because, by definition, RAM is a temporary storage area.
But do not claim victory too fast: they can relaunch as quickly as they appeared…

It's not a new technique: it already existed in the days of XP, and it is even said to date back to the 90s!
If it was not used much at the time, I suppose that was just because computers ran with very little RAM; it was not uncommon to see systems using only 256 MB, or less...

Clearly, only mid-range and high-end computers with plenty of memory, which were mostly used by companies, could be targeted, and they represented only a small share of users.

Except that today, a lot of configurations run with 4 GB and the standard is now 8!

You may tell yourself that using RAM is all very well, but if no hostile program is installed, it's not possible to execute a malicious action, right?

Well, yes it is! Your computer uses numerous programs called scripts (the purists will correct me, I trust them...) which originally only execute tasks that keep the system running properly, but it's possible to divert them from their initial purpose…

If, for example, a program's task is to collect data, it can be used to send that data to a third party.

You get the idea: some of these small executables, harmless to begin with, could under certain conditions serve hostile interests.
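Seen from the defender's side, this is an added example (not part of the original post) that scans process-creation command lines for a built-in script interpreter that received its code as an argument rather than from a script file on disk. It assumes PowerShell as the interpreter, which the post does not name; the sample events and the names `inline_code` and `triage` are constructed for illustration.

```python
import base64
import binascii
import shlex

POWERSHELL_HOSTS = {"powershell.exe", "pwsh.exe"}  # assumed interpreter, see lead-in

def inline_code(cmdline):
    """Return (kind, code) when PowerShell got its code as an argument, else None."""
    tokens = [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    if not tokens or tokens[0].rsplit("\\", 1)[-1].lower() not in POWERSHELL_HOSTS:
        return None
    args = tokens[1:]
    for i, arg in enumerate(args[:-1]):
        if not arg.startswith("-") or len(arg) < 2:
            continue
        flag = arg[1:].lower()
        # PowerShell accepts abbreviated parameter names (-e, -enc, -c, ...).
        if "encodedcommand".startswith(flag) or flag == "ec":
            try:  # -EncodedCommand carries base64 of UTF-16LE text
                code = base64.b64decode(args[i + 1], validate=True).decode("utf-16-le")
            except (binascii.Error, UnicodeDecodeError):
                code = "<undecodable>"
            return "encoded", code
        if "command".startswith(flag):
            return "inline", " ".join(args[i + 1:])
    return None  # code came from a file (-File ...) or the session is interactive

# Constructed process-creation command lines, not real telemetry.
_B64 = base64.b64encode("Get-Date".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    r'"C:\Program Files\PowerShell\7\pwsh.exe" -NoProfile -File C:\ops\backup.ps1',
    r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoP -enc " + _B64,
    r'powershell.exe -Command "Get-Date"',
    r"C:\Windows\System32\notepad.exe C:\notes.txt",
]

def triage(events):
    """Return [(index, kind, code)] for events where code arrived without a script file."""
    hits = []
    for i, cmd in enumerate(events):
        found = inline_code(cmd)
        if found:
            hits.append((i, *found))
    return hits

if __name__ == "__main__":
    for idx, kind, code in triage(SAMPLE_EVENTS):
        print(f"event {idx}: {kind} code -> {code!r}")
```

Inline code is also used by legitimate administration tools, so hits are leads to review against a baseline, not verdicts.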


How to protect yourself?

Well, I am sorry to tell you this, but I am going to teach you nothing. This last part will be very short…

Yes, because while the method is formidable and can rightly be very frightening, the preventive measures to take are elementary. As usual, don't visit little-known or unknown sites, and do not click on unknown links in your emails, even if they seem to have been sent by relatives.

I strongly recommend being careful and aware of the threats. You should really take a look at my past articles that you can see below to protect your privacy and your freedom!



Since it seems malware is able to fairly reliably remain undetected in memory, this doesn't surprise me. The next defense is going to have to do a better job of scanning memory for threats.

Good advice here. Malware is always changing. I recommend enabling auto updates on whatever system you are running. Keep OS patched, security definitions up to date, run adblocker, and never trust files you aren't expecting. Stay away from torrent sites and never ever ever try running Bearshare, lol.
