Fileless malware runs entirely from memory to make detection harder

posted on November 10, 2014
by l33tdawg

Traditional malware infections usually require a file object to be placed on the system, which makes them relatively easy to detect and remove.

Now, though, there’s a stealthier threat uncovered by security company Malwarebytes. Poweliks is an infection that runs without a filesystem object, completely from the registry and memory, using rundll32.exe, JavaScript and a DLL created on the fly.

Code can be injected into the machine via a fake landing page, which makes traditional security solutions like whitelisting ineffective in combating it.
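Because the infection lives in the registry rather than in a file, a registry export is one place a defender can look for the rundll32.exe and JavaScript pairing described above. The following is an added detection sketch, not code from the article or from Malwarebytes: it parses string values from a `.reg` export and flags any whose data starts rundll32 with a script URL scheme. The sample export, the key path, the value names and the extension to `vbscript:` are assumptions made for illustration.

```python
import re

# rundll32 followed by a script URL scheme (vbscript is an added generalization).
SUSPICIOUS = re.compile(r'rundll32(\.exe)?\b.*?\b(javascript|vbscript):', re.I)
# One string value line of a .reg export: "name"="data" or @="data" (default value).
VALUE = re.compile(r'^(@|"(?P<name>(?:[^"\\]|\\.)*)")="(?P<data>(?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg string values escape backslash and double quote with a backslash.
    return re.sub(r'\\(.)', r'\1', s)

def scan_reg_export(text):
    """Return (key, value_name, data) for string values that start rundll32
    with a script scheme. `text` is the already decoded export; values
    exported in hex form are not string lines and are skipped."""
    hits, key = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]          # current registry key header
            continue
        m = VALUE.match(line)
        if not m or key is None:
            continue
        name = '(Default)' if m.group('name') is None else unescape(m.group('name'))
        data = unescape(m.group('data'))
        if SUSPICIOUS.search(data):
            hits.append((key, name, data))
    return hits

# Constructed sample export (not taken from a real infection).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="\"C:\\Program Files\\Vendor\\updater.exe\" /background"
"Helper"="rundll32.exe javascript:\"PLACEHOLDER_SCRIPT\""
@="C:\\Windows\\System32\\rundll32.exe shell32.dll,Control_RunDLL"
'''

if __name__ == '__main__':
    for key, name, data in scan_reg_export(SAMPLE):
        print(f'{key} :: {name} = {data}')
```

Ordinary rundll32 entries such as the Control_RunDLL line are not flagged, since only the combination with a script scheme is matched.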
