When you think of a virus infecting a system, you probably imagine someone opening an infected executable file on their PC. This plants malware on the system, which can then steal information, launch a cryptojacking attack, or damage the file system. With antivirus now a key part of people's computers, this type of attack has become difficult to carry out. Recently, we've seen a spike in an interesting method of spreading malware: using no files at all!
Living in RAM means that malware goes undetected by antiviruses that check file systems, but that also has a downside. File system-based malware persists when the PC is turned off because hard drives retain their data. RAM, however, is erased on shutdown, which means any RAM-based malware inside also perishes. As such, fileless malware is designed to be stealthy and fast so that it can do its job before the PC is shut down.
So now that you know what fileless malware is, how do you avoid getting hit by it?
Try not to install macros that are not from a trusted source. It is possible that macros on dubious sites are programmed to take advantage of security vulnerabilities in the software in which you are running the macro. Only use macros from good, reliable sources.
Because fileless malware needs a security hole to breach a system, it's a good idea to keep your software up to date with the latest security patches. This includes your operating system, which may have native processes hijacked by fileless malware.
A basic antivirus will only scan the file system, but more advanced ones have the option to check RAM for threats during the scan. If you're worried about fileless malware, there are a few free antiviruses that can check RAM for anything that slips into it.
While malware is more traditionally spread using an executable, this is not always the case. Now you know how fileless malware works and how to defeat it.
Is fileless malware a big concern for you? Let us know below.