Why fileless infections are the future viruses

by Ugnius Kiguolis

Computer security experts have started discussing a new type of malware known as “fileless infections.” The main peculiarity of viruses in this category is that they act without leaving traces. This technique helps them evade the file-based detection that anti-virus and anti-spyware programs widely rely on. Given the malicious nature and odd behaviour of fileless malware, it is no surprise that there is still a lack of sufficient knowledge about such viruses. Fortunately, IT specialists have already managed to gather enough data to sort this malware into two groups.


The first group of fileless viruses is called “Escapers.” The main goal of such malware is to leave the system as soon as its malicious task is over. Escapers can collect technical data about the operating system and infect it with other malware. When their task is finished, they leave the system. The best-known viruses in this category are PowerSniff and USB Thief. PowerSniff is disguised as a macro file which might carry the code of a highly aggressive virus. USB Thief hides in portable data storage devices. Once such a device is attached to a computer, the infection starts collecting data about the victim’s operating system without leaving a trace.

The second group of fileless infections is called “Residents.” These aggressive exploit kits can also operate on your system while keeping themselves invisible. They usually run an encoded script stored in the computer’s registry, so it is no surprise that they are almost undetectable. One member of the “Residents” group is the Kovter virus. It creates unreadable registry keys that carry malicious scripts. Kovter is capable of blocking a computer’s screen and data, so it is suspected to be related to FBI ransomware.
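A defender can hunt for the registry-resident pattern described above by auditing autorun values for unreadable names, script-host launchers and long encoded blobs. The sketch below is an added example, not code from the original article; the heuristics, function names and sample values are assumptions made for illustration, and a real scan would read the values from the system's autorun keys instead of a constructed list.

```python
import re

# Assumed heuristics for illustration; they are not signatures of any specific family.
SCRIPT_HOSTS = re.compile(r"\b(mshta|powershell|wscript|cscript)(\.exe)?\b", re.I)
ENCODED_RUN = re.compile(r"[A-Za-z0-9+/=]{200,}")  # long base64/hex-like run


def audit_value(name, data):
    """Return the reasons a registry value looks like a script carrier."""
    reasons = []
    if any(not ch.isprintable() for ch in name):
        reasons.append("unreadable-name")   # NUL or control characters in the name
    if SCRIPT_HOSTS.search(data):
        reasons.append("script-host")       # data launches a script interpreter
    if ENCODED_RUN.search(data):
        reasons.append("encoded-blob")      # data carries a long encoded payload
    return reasons


def audit(values):
    """Map each suspicious value name (escaped for display) to its reasons."""
    findings = {}
    for name, data in values:
        reasons = audit_value(name, data)
        if reasons:
            findings[name.encode("unicode_escape").decode("ascii")] = reasons
    return findings


# Constructed sample of autorun values (name, data); not taken from a real system.
SAMPLE_VALUES = [
    ("OneDrive", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("\x00updater", 'mshta.exe "<constructed placeholder>"'),
    ("cfg", "QUJD" * 100),
]

if __name__ == "__main__":
    for shown_name, reasons in audit(SAMPLE_VALUES).items():
        print(f"{shown_name}: {', '.join(reasons)}")
```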

Unfortunately, there is not much knowledge about fileless viruses. It is clear that they can cause serious damage due to their shifting form and broad-scale abilities. However, their ability to disappear right after finishing their job makes it very difficult for researchers to find out more about them. The most effective way to protect yourself from these infections is to install reliable security software. If you keep it updated, there is a higher probability that the software will detect this seemingly undetectable malware.

About the author

Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.
