Cybersecurity experts are warning about a spike in occurrences of fileless malware attacks that leave no trace on the victim’s computer, thus making them quite hard to detect. This type of malware takes advantage of the trust factor between security software and legitimate Microsoft Windows applications.
According to McAfee Labs, this type of attack is launched via trusted executables, so detection is quite a challenge. The fact that these attacks have become so common is rather concerning. Comparing this to the way hackers usually go about their business by infecting a system with malware applications, this type of cyberattack does not require any of that.
McAfee also pointed out that anyone can fall prey to this, both individual and enterprise users. In a corporate setting, cybercriminals use this attack vector to move through the network laterally.
Debasish Mandal, a cybersecurity expert, noted that CactusTorch is an example of this kind of threat. It employs the DotNetToJScript, a technique that loads and executes malicious processes straight from the computer’s memory. He says that the assemblies can come in the form of the smallest units of an application deployment, such as a .exe or .dll file. According to his words, this malware does not write itself to the hard drive.
Due to this, traditional anti-malware scanners remain an ineffective tool in the fight against the latest emerging cybersecurity threat. Finally, Mandal concluded that the year of 2018 has been marked by an increased number of spotted CactusTorch attacks.