Hackers are getting innovatively sophisticated these days by launching file-less cyber attacks without installing the malware on hard drives at all. Yes, in order to avoid detection by anti-malware solutions, cyber crooks have found a way to use computer’s memory as a malware nurturing zone.
Technically, an anti-malware tool detects malicious software by scanning a hard drive occasionally and analyzing the digital fingerprints of all the files stored on the hard drive. If anything suspicious matches the record of malware evidence; the security solution immediately alerts the user about the malware presence and the waits for the response of the user to proceed further.
Thus, in order to avoid this activity of the scan hackers have devised a way to hide their malicious code in the memory of a computer.
In a research carried out by security firm Kaspersky, researchers found that hackers are using a remote access Trojan that arrives as a Word file with an infected macro on victim computer. First, the Trojan executes a malicious script within memory and then uses an administrative tool, Windows Powershell, to run a malicious script that executes the payload.
Therefore, by launching such file-less cyber attacks, hackers are succeeding in evading the anti-malware solutions with ease.
Kaspersky report says that this file-less cyber attack is already on the prowl and has so far victimized more than 140 banks operating around the world. They also confirm that a proper solution to curb such attacks isn’t available yet.
