What Is Fileless Malware
On Symantec’s latest Internet Security Threat Report released in March, the cybersecurity company stated that there was an exponential increase in malware attacks both on desktop and mobile devices in 2017.
In addition, Symantec found that there was a 46% increase in new varieties of malware. One variety discovered was fileless malware, which was first reported by Kaspersky Labs in February 2017. Fileless malware is expected to cause significant cybersecurity problems in 2018, but what exactly is it, and what does it do?
Definition of fileless malware
The reason fileless malware got its name is because, unlike most malware, it does not need to install files or software in order to infect the target system or device. Since this type of malware requires no files, it is very difficult to detect and therefore prevent or delete.
Fileless malware execution
Fileless malware embeds itself inside a device’s RAM and uses that device’s vulnerabilities against it. It uses a system’s processes to launch its attack, like manipulating an internet browser into running malicious code or taking advantage of normally safe commands such as javaw.exe.
Fileless malware can be dangerous for Windows systems in particular, because it can multiply by exploiting Microsoft’s PowerShell script. Once it does, the fileless malware will gain access to the Windows API.
Here is what a typical attack leveraging PowerShell would look like.
- You receive an email that links to a malicious website
- Since the email was able to bypass spam filters, you open it, thinking it’s safe.
- You click on the link contained in the email
- The website loads a program on your device.
- The program activates Windows’ PowerShell tool, which the attacker uses through the command line while operating on your device’s RAM.
- Powershell executes a script from a command-and-control-server to locate your data.
- PowerShell steals your data and sends it to the hacker.
This is simply one scenario, but there are various other ways for hackers to launch a fileless malware attack.
Common targets of fileless attacks
In 2017, the majority of the attacks targeted banks and other companies in the financial industry across 40 countries, likely because it was a highly profitable activity for cybercriminals.
However, cybersecurity experts think that as the number of fileless malware attacks rise, the victims will be more varied and include other industries as well as individual internet users.
Fileless Malware safety
While fileless malware can be challenging to prevent, that doesn’t mean you should try. Here are some tips you should consider to counter an attack.
- Keep your devices and the software within them updated in order to patch existing security flaws.
- Remove unnecessary applications on your devices.
- Encrypt your information using a VPN.
- Avoid logging on to public Wi-Fi.
- Install reliable anti-virus and anti-malware programs on your devices.
If you follow best practices, you significantly lower your chances of getting hit by fileless malware.
Betternet VPN - your partner in malware protection
If you’re looking for a tool that can help you prevent malware attacks, then look no further than Betternet, a virtual private network (VPN) software. With Betternet’s high-end data encryption protocols, you can be sure that hackers won’t be able to infect your devices with fileless malware.
Protect yourself from malware and other cyberattacks. Visit our website to download Betternet VPN today. To find out what makes us unique as a VPN provider, you can check out our blog.