McAfee realizes warning against the growing drift of fileless malware
According to a fresh research performed by McAfee cyber experts, the attacks are taking a new track to penetrate a computer’s data and all the running activities. Moving away from the traditional methods of stealing data the security researchers say that this new way works by employing trusted Windows executable to attack phones, computers, and corporate networks.
The approach is now made by fileless malware that pivots on system tools such as Microsoft PowerShell, which is achieving notoriety because of their ability to make attackers access Windows tasks without coming into notice.
Many conventional security programs are based on monitoring and identifying malware files. But when the software detects no malware file knowing that the system is under the bash, the computer is then rendered useless as the fileless malware makes the attack very hard to expose.
The configuration management framework by Microsoft, PowerShell gives out complete access to a component object model and Windows management instrumentation (WMI) of Microsoft by making it an ideal tool to launch the attack.
Relying on the reposts published by McAfee researchers, a specific fileless threat- dubbed CactusTorch is growing speedily and holds the power to execute custom shellcode on Windows systems. Another thing that has been discovered is the variants of CactusTorch, the fileless malware. Nearly 30 different ranges came into consideration that put down the quick adoption rate of attacking techniques and ability to avoid detection.
This new malware uses DotNet and JavaSrcipt techniques that loads and extracts malicious DotNet assemblies’ right from the computer’s memory. The procedure is powerful as these assemblies are the smallest unit to deploy an application explained by the McAfee security researcher, Debasish Mandal.
Organizations with big and sensitive data need to take quick security measures to protect them against this cyber risk. Going with an active McAfee product will help users to secure the data and the access of malicious attacks. To get the security software, users need to have either McAfee Retailcard or an active account on mcafee.com/activate.