As companies get better at detecting malware, hackers get better at deploying malware.
One form of malware, called fileless malware, is gaining a lot of popularity because the attacks are very hard to detect. In fact, the attacks were up 265% compared to 1H2018.
Fileless attacks do not drop a malicious executable or even replace known executables with infected ones. This means that antivirus (A-V) software that works by scanning files, either on the disk or in memory, will not stop these attacks. Instead, fileless attacks “live off the land”. Like our pioneer forefathers, these malicious attacks use tools like Office macros, PowerShell, WMI and other system tools in ways they were not designed for, but also in ways that are not prohibited. Since these tools are trusted, they are allowed to work on behalf of the hackers.
Traditional anti-malware – software that looks for signatures or even whitelists executables – will not stop these types of attacks. The only type of anti-malware software that may stop these attacks is behavioral analysis.
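As an added illustration (not part of the original alert or its source), the Python sketch below shows the kind of rule behavioral analysis applies: it ignores file contents and instead flags trusted tools being launched in unusual ways, such as an Office application starting PowerShell or WMI. The event field names, process lists and sample events are assumptions constructed for this example.

```python
# Added example: behavioral rule over process-creation events (not from the alert).
# Event field names and the process lists below are assumptions for illustration.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}
SYSTEM_TOOLS = POWERSHELL | {"wmic.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

def image_name(path):
    """Lower-cased file name from a Windows or POSIX style path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def is_abbrev(token, full):
    """powershell.exe accepts shortened parameter names such as -enc or -w."""
    return len(token) >= 2 and full.startswith(token)

def evaluate(event):
    """Return the reasons an event looks like living off the land (empty if none)."""
    reasons = []
    parent = image_name(event["parent_image"])
    child = image_name(event["image"])
    tokens = event.get("command_line", "").lower().split()
    if parent in OFFICE_PARENTS and child in SYSTEM_TOOLS:
        reasons.append(f"{parent} spawned {child}")
    if child in POWERSHELL:
        if any(is_abbrev(t, "-encodedcommand") for t in tokens):
            reasons.append("encoded command")
        for flag, value in zip(tokens, tokens[1:]):
            if is_abbrev(flag, "-windowstyle") and value == "hidden":
                reasons.append("hidden window")
    return reasons

# Constructed sample events; the encoded payload is a placeholder, not real data.
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -w hidden -enc <PLACEHOLDER>"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"parent_image": r"C:\Program Files\Microsoft Office\EXCEL.EXE",
     "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "command_line": "wmic.exe os get caption"},
    {"parent_image": r"C:\Windows\System32\services.exe",
     "image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "command_line": "pwsh.exe -Command Get-Content app.log -Encoding utf8"},
]

def triage(events):
    """Pair each flagged event's process name with the reasons it was flagged."""
    return [(image_name(e["image"]), r) for e in events if (r := evaluate(e))]

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_EVENTS):
        print(name, "->", "; ".join(reasons))
```

The second and fourth events are ordinary administrative use of the same tools and are not flagged, which is the distinction a signature or whitelist check cannot make.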
And just in case you think this is just a Windows problem, it is not. It affects Macs as well.
Given the fact that the attacks are increasing exponentially, they must be working.
Your best bet is to block the malware from getting onto your system in the first place using a variety of tools, including DNS filtering. The next piece of the solution is endpoint protection that does behavioral analysis. Source: Help Net Security.