What is Fileless Malware and How to protect yourself against it

Malware is advancing at an unprecedented rate. According to a G Data security expert, a new malware strain is discovered every 4.2 seconds. One of the more recent developments in attacker tradecraft is so-called “fileless malware.” Attackers have invented many ways to steal important data, and with this technique they don’t even have to trick you into installing malicious files on your computer.

Fileless malware poses even more of a risk for companies. Many cybersecurity solutions are already struggling to keep up with malware, so it is important for technology pros to be alert to this kind of infection, which impacts them in several different ways. Fileless malware is a hidden threat that should concern businesses.

Let’s take a look at how this form of non-malware works and, more importantly, how to protect yourself against it. And you don’t have to be a specialist to understand. Use this guide for your own online safety.

What is Fileless Malware?

Fileless malware infections appeared in August 2014, when the Poweliks Trojan made its debut. It was initially engineered to perform click-fraud, but it evolved to do much more.

The term “fileless malware” sounds self-explanatory: the malware doesn’t use any files in the process, and attackers don’t need to install software on a victim’s machine. Instead, adversaries hijack built-in tools in Windows to carry out attacks.

Using the system’s built-in applications, attackers make the browser run malicious code, leverage Microsoft Word macros, or use Microsoft’s PowerShell framework. The scripts they create are run from the system’s memory, so the activity appears to be a normal running process. Hence it is virtually undetectable.

Fileless malware code resides in a computer’s RAM through the use of carefully crafted PowerShell scripts. PowerShell executes a hidden command against the system; the command varies based on the attacker’s intentions and the length of time planned for the breach.

Attackers use these system commands to create a hidden area where they store scripts that are then used to compromise systems, for example by creating network proxy connections. These connections are used to communicate with remote command & control (C&C) servers maintained by threat actors for additional payload delivery.

Why do cyber criminals use Fileless Malware?

  • The big advantage of the fileless malware technique is the ability to avoid being detected by security solutions for as long as possible. As mentioned above, fileless malware lives in your computer’s RAM, so it can only work while you keep your PC on. It also means that attackers don’t need much effort to execute the attack and infiltrate your operating system.
  • Fileless malware can exploit a vulnerability that gives attackers administrator access to the system. They can then do whatever they want, such as collecting as much data about the victim and from the victim’s computer as possible.

Types of Fileless Malware

  1. Windows registry malware is the latest type of fileless malware, and it is capable of residing in the Windows registry. The Windows Registry is a collection of databases of configuration settings in Microsoft Windows operating systems. Threat actors use their expertise in the OS’s thumbnail cache to gain persistence, so an ordinary user cannot follow what is happening.
  2. Memory-resident malware is another type of fileless malware. It uses the memory space of a process that belongs to an authentic Windows file, loads its malicious code into that memory space and stays there until action is taken.

How does this Fileless Malware attack occur?

Let’s look at an example of how this might happen.

  • Suppose you are using the Chrome browser with an outdated Flash plugin installed, and you end up on a website that hosts an exploit kit. Perhaps you received a clever spam message promising untold riches; if you click on the link, it redirects you to another malicious page.
  • Next, the exploit kit scans for vulnerabilities. Vulnerabilities create possible attack vectors through which a threat actor could run code or access a target system’s memory. The attacker finds one in your Flash plugin if it is not up to date.
  • Flash accesses PowerShell, and the payload immediately starts running in the memory of your Chrome process. In a moment it connects to the Command & Control servers controlled by the attackers and gets the encryption key. And there you go!

How to protect your computer against Fileless Malware attacks

  1. Regularly check security logs and apply security updates for your applications and operating system. Keeping your apps and OS updated at all times reduces the risk of infection by 85%.
  2. Block web pages that host exploit kits. Cyber criminals use exploit kits to infect computers with malware by exploiting vulnerabilities in browsers and operating systems. Use a proactive security product that can block the infected website.
  3. Prevent the delivery of malicious payloads. Once the exploit kit infects the computer, it will connect to Command & Control servers to download the payload and place it in your RAM.
  4. Disable PowerShell, WMI and macros if you’re not using them. Disable unnecessary services and program features, and uninstall applications you’re not using.
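
Checking security logs for the pattern described above (a browser or Office process starting PowerShell, or PowerShell run hidden) can be automated. The following is an added example, not code from the original article; the event field names, helper names and sample records are assumptions constructed for illustration.

```python
import json
from pathlib import PureWindowsPath

# Constructed sample: one JSON object per process-creation event. The field
# names (image, parent_image, command_line) are assumptions for this example.
SAMPLE_EVENTS = r"""
{"image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "parent_image": "C:\\Program Files\\Microsoft Office\\Office16\\WINWORD.EXE", "command_line": "powershell.exe -NoP -W Hidden -Enc <base64-placeholder>"}
{"image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "parent_image": "C:\\Windows\\explorer.exe", "command_line": "powershell.exe -ExecutionPolicy RemoteSigned -File C:\\Scripts\\backup.ps1"}
{"image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "parent_image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "command_line": "powershell.exe -w hidden IEX <remote-script-placeholder>"}
{"image": "C:\\Windows\\System32\\svchost.exe", "parent_image": "C:\\Windows\\System32\\services.exe", "command_line": "svchost.exe -k netsvcs"}
"""

SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
# Applications that open untrusted content and rarely need to start a script host.
CONTENT_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "chrome.exe",
                "firefox.exe", "iexplore.exe", "msedge.exe"}


def exe_name(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return PureWindowsPath(path).name.lower()


def is_param(token, full_name, aliases=()):
    """True if token is '-' or '/' followed by an abbreviation of full_name.

    PowerShell accepts shortened parameter names (-W, -Enc), so an exact
    string match on the full name would miss them.
    """
    if not token.startswith(("-", "/")):
        return False
    name = token[1:].lower()
    return bool(name) and (full_name.startswith(name) or name in aliases)


def analyze(event):
    """Return the list of findings for one process-creation event."""
    child = exe_name(event["image"])
    parent = exe_name(event.get("parent_image", ""))
    tokens = [t.strip("\"'()") for t in event["command_line"].split()]
    findings = []
    if child in SCRIPT_HOSTS and parent in CONTENT_APPS:
        findings.append("script host started by browser/Office process")
    if child in {"powershell.exe", "pwsh.exe"}:
        for i, tok in enumerate(tokens):
            nxt = tokens[i + 1].lower() if i + 1 < len(tokens) else ""
            if is_param(tok, "windowstyle") and nxt == "hidden":
                findings.append("hidden window")
            elif is_param(tok, "encodedcommand", aliases=("ec",)):
                findings.append("encoded command")
            elif tok.lower() in {"iex", "invoke-expression"}:
                findings.append("in-memory expression execution")
    return findings


def scan(jsonl):
    """Return (event_number, child_process, findings) for every flagged event."""
    alerts = []
    lines = [ln.strip() for ln in jsonl.splitlines() if ln.strip()]
    for number, line in enumerate(lines, 1):
        event = json.loads(line)
        findings = analyze(event)
        if findings:
            alerts.append((number, exe_name(event["image"]), findings))
    return alerts


if __name__ == "__main__":
    for number, child, findings in scan(SAMPLE_EVENTS):
        print(f"event {number}: {child}: {', '.join(findings)}")
```

The same checks apply to any log source that records the process, its parent and the full command line; command-line logging has to be enabled for the third field to be present.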

Conclusion

Fileless malware attacks pose an extreme and unique security risk and require a different protection model than standard file-based threats. Fileless malware is completely different, as it relies on capabilities found in the operating system environment to accomplish its goals.

The future of information security will need to focus more on such malware than on traditional malware threats. Anti-virus programs will need to inspect memory and evaluate how running programs behave.

Operating systems will need to take this threat seriously and begin to implement better protections surrounding.

Operating systems are making some efforts to counter this attack, but better validation and verification of programs is the need of the hour in order to protect users from threats.

 

 

HTC Exodus 1: Blockchain phone specs, price and release date

Smartphone manufacturer HTC is taking a major leap into the cryptocurrency ecosystem. They are stepping into the wider blockchain industry. With the HTC U12 and U12+ about to be unveiled in a couple of days, HTC has a lot of surprises for its users in its pocket. On the 15th of this month, HTC unveiled a website that showcases the HTC Exodus. And HTC unveiled the Exodus today at web3summit.

Furthermore, there is only one company that has completely succeeded in making a fully blockchain-powered device. Swiss company Sirin-Labs unveiled their first phone, Finney, and HTC is joining the race with Exodus. Finney has a 12-megapixel rear camera with low-light f/1.8 aperture and an 8-megapixel 85-degree wide-angle front-facing camera. It is powered by a 3,280mAh battery with fast charging support. Connectivity features include Bluetooth 5.0, NFC and LTE, among others. Specs-wise the phone packs pretty much enough, but what’s worth mentioning is what happens over the internet. The blockchain phone comes with a Qualcomm Snapdragon 845 processor. It has a 6-inch display at 18:9 aspect ratio, 402ppi and 1500:1 contrast ratio. The phone features 128GB built-in storage and 6GB RAM.

The HTC Exodus 1, aka the ‘blockchain phone’, is nearly ready to enter the wild, with the company having now confirmed the specs of its forthcoming cryptocurrency handset. Check out the TEASER.

Overview

Blockchain phones are the new Virtual Reality. Every smartphone manufacturer is going to add something or the other that gets their hands-on in this domain. Huawei is rumored to be working on a secret Blockchain powered device which will have layers of decentralized apps and much more. Samsung has also created a blockchain network but we have no sources claiming a blockchain phone in the making.

The Taiwanese firm unveiled the world’s first native blockchain phone. The tailor-made Android-powered phone will provide support for decentralized applications (DApps), such as CryptoKitties, and will feature a secure hardware enclave for users. Users will now have access to a universal cryptocurrency wallet that is native to the device itself.
With over two decades of experience manufacturing the world’s leading smartphones and shipping over 100 million phones, they believe they can help reshape the internet with the HTC Exodus.

Working with multiple protocols with the intent of interoperability between blockchains. Increasing DApp user base. Bringing a streamlined mobile user experience to the DApp community. Providing more nodes on the path to true decentralization. We want to double and triple the number of nodes of Ethereum and Bitcoin. To have your identity and data on the phone rather than in a centralized cloud and open-mindedness towards the collective wisdom of the crowd.
This is what HTC claims the Exodus can stand up to. The performance will be incomparable with any device of any brand as there aren’t any competitors in this domain of phones.

  • Exodus will have Hardware support for Cryptocurrencies

  • Will support Bitcoin, Litecoin, and Ethereum

  • Advanced security features and claims of virtually “tamper proof”

The phone will be compatible with multiple protocols and will exchange and make use of information vividly. Phil Chen, who created HTC’s virtual reality headset Vive, is the leader of the Exodus project. HTC is rumored to be working on a VR-specific device. HTC has a lot of gaming genre users and this will help them enhance their users’ experience. Still, it is good enough to witness a new and revolutionary phone.

The company wants customers to be able to pay for the phone with cryptocurrencies, but we haven’t received any distinctive details. “We think that the phone can be an agent in the future for decentralization,” said Chen. “We want you to hold your own key [through] a secure management method in our phones.” This is the official early access release of the EXODUS 1. They are inviting a community of developers and enthusiasts to work with them to keep building security. Join them in rebuilding trust together, one phone at a time. Get your early access now! Go to www.htcexodus.com now!

What exactly HTC wants Exodus to do

Chen, who now holds the title of CDO (Chief Decentralized Officer), is the head of the firm’s crypto and blockchain related initiatives. “Through the Exodus, we are also excited to be supporting underlying protocols such as Bitcoin, Ethereum, Dfinity and more,” Chen wrote in a blog post accompanying the announcement. Still, a vast majority of HTC fans have wanted something new and innovative from them for a long time.

He also wrote that “I want to see a world where the end consumers can truly own their data (browsing history, identity, assets, wallets, emails, messaging, etc) without the need for central authorities. There is a lot of work ahead of us, but I believe the mobile hardware layer can contribute significantly to our new decentralized world.” With Facebook’s Data Leak controversies, HTC might end up taking the lead in the smartphone race with this.

I suppose we have to wait for a month or two to get more info on these types of devices. This revolutionary product might change the way we use the internet today. I don’t know exactly if I wanna buy one. It’ll be fun to use DApps and to hover over the decentralized web tbh. If anything does happen to your device, you can breathe easy, as HTC has imbued the Exodus with a social-themed security protocol that sees users nominate several contacts to hold a piece of a unique security key – and only bringing all of these pieces together will unlock the device.
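
The property described above, where a key is split among several contacts and only all pieces together recover it, can be illustrated with an XOR split. This is an added example, not HTC’s implementation, which the article does not describe; the function names are hypothetical.

```python
import secrets
from functools import reduce


def _xor(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, holders):
    """Split key into one piece per holder; every piece is needed to recover it."""
    if holders < 2:
        raise ValueError("need at least two holders")
    # All pieces but the last are uniformly random pads of the key's length.
    pads = [secrets.token_bytes(len(key)) for _ in range(holders - 1)]
    # The last piece is the key XORed with every pad, so XORing all pieces
    # together cancels the pads and leaves the key.
    return pads + [reduce(_xor, pads, key)]


def combine(pieces):
    """Recover the key from the complete set of pieces."""
    if not pieces or len({len(p) for p in pieces}) != 1:
        raise ValueError("pieces must be non-empty and of equal length")
    return reduce(_xor, pieces)


def piece_consistent_with(known_pieces, candidate_key):
    """Show why a partial set leaks nothing.

    For ANY candidate key there is exactly one value of the missing piece that
    would make the known pieces combine to it, so holders who are one piece
    short cannot rule out any key.
    """
    return _xor(combine(known_pieces), candidate_key)


if __name__ == "__main__":
    key = secrets.token_bytes(32)            # constructed sample key
    pieces = split_key(key, 5)               # five nominated contacts
    print("all five recover key:", combine(pieces) == key)
    print("four of five recover key:", combine(pieces[:4]) == key)
    guess = bytes(32)                        # an arbitrary wrong guess
    fake = piece_consistent_with(pieces[:4], guess)
    print("wrong guess is still consistent:", combine(pieces[:4] + [fake]) == guess)
```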

Till next time. Over and Out.

Information Security – Why the internet is not safe anymore

Since the inception of the internet in 1990, its security features have been highly debatable. Information security is one such crucial aspect of our daily life, virtual and real. In real life, we store valuables in a safe to protect them from theft. But sometimes these safes can be opened with a duplicate key or broken open. In the same way, today tons of our valuable information is stored on web servers and data warehouses. And this digital storage comes under threat of hackers and cyber goons.

It is an age-old saying that to catch a thief, you must think like one. Rajat Khare in his guide to IT Security claims, “The battle between hackers and security professionals will never end. However, it will always improve the security systems of the world.”

Information Security thus protects information from a wide range of threats. It protects sensitive data of businesses and also the privacy of individuals. It rests on three factors:

  1. Confidentiality: ensuring information access only with proper authorization
  2. Integrity: safeguarding the accuracy and completeness of information and the ways it is processed
  3. Availability: ensuring authorized users have information access whenever required

Major Threats and Issues

Basic Threats

  • Password thefts
  • Email based threats
  • Email based extortion
  • Launch of malicious programs (trojans)

Corporate Threats

  • Web defacement
  • Corporate espionage
  • Cheating and frauds
  • Forged websites

Online Threats

  • Email bombing
  • Software, data, information theft
  • Cyber crimes
  • Morphing
  • Denial of service attacks

Other Threats

  • Email forgery
  • Virtual identity forgery
  • Theft of credit card numbers, online bank accounts etc.

 

 

Protecting your computer and network

The most basic method is physical security. This is done by physically securing your computers and laptops from theft, damage and other vulnerable situations. This also includes securing network components physically. Then comes software security, which is a step higher and equally necessary for protection.

Protecting against Internet Intruders

A firewall stands guard between your computer and the internet. It examines everything that passes through it and grants entry only if the entity is not harmful to the computer. It checks for malicious content and barricades their access to the computer software or hardware. The firewall can be set up to block or allow particular types of data.

Most computers today come with built-in firewalls. A firewall installed on a single computer is called a Personal or Host Firewall, and one set up to protect a whole LAN is called a Perimeter or Network Firewall. Third-party personal firewall software is also available. Firewalls can also block outgoing data, thus preventing your computer from sending out personal data without permission.

A firewall may prevent you from using particular internet applications or visiting certain websites. Some firewalls have built-in Intrusion Detection System (IDS) functions. An IDS raises an alert when an unauthorized event occurs. The IDS can detect patterns and identify and predict threats and attacks.

To understand how VPN works, read this article https://zo3.tech/setup-use-vpn/

Protecting against viruses and malware

Viruses do millions of dollars’ worth of damage to computers every year. Every computer should have adequate virus protection. Installing antivirus software is not enough; the virus definition files must be constantly updated to detect viruses on a regular basis. They can be set on automatic update. A full virus scan should be run at regular intervals on your computer. Full system scans should also be done periodically. Also, turn on auto-protect and email protection features for continuous protection.

Protecting against spyware and adware

Adware/spyware detection and removal software is becoming just as necessary as antivirus software. Use only reputable anti-spyware scanning and removal programs. You can see the following symptoms if you have adware or spyware installed on your computer:

  • Noticeable slow performance
  • Unusual software behaviors such as changes in browser’s home page or programs closing unexpectedly
  • Strange hardware behaviors such as CD drive opening or unusual hard drive activity
  • Strange network behavior
  • Pop-up ads displaying when you are not surfing the web

Protecting against unwanted email

Unwanted or junk mail cannot be entirely eliminated from your mailboxes. However, there are various measures you can take to reduce the amount of spam you receive using spam filtering services and software or using sender verification systems.

Spam can be blocked at firewall level when it first enters the network by Application Layer Filtering. An incoming message can be blocked based on the sender’s email address, the internet domain from which the message originates, or its content.

Protecting against social engineers and phishers

Social engineers try to charm, intimidate or trick you into giving them information and phishers try to steal your personal information. You can protect yourself from both by being aware of what is happening and just saying no. Be wary of people/sites that ask you for account related or personal details, because they can be misused.

Do not be fooled into revealing your details by emails claiming to be from trusted organizations. Ensure thorough background checks for the legitimacy of the sender. Do not click on links contained in emails to visit an organization’s website. Instead, manually type in the URL of the organization’s home page.

Top 10 Best Cloud Storage for Better Safety(2018)

These days, storing important files, whether personal or official, on hard drives means compromising our safety. There is always a threat of losing data, whether through disk failure or theft.

There are many solutions to this problem, but today we are going to discuss cloud storage. Cloud storage is a form of computer data storage in which the digital data is stored in logical pools.

Best Cloud Storage 2018

1. Google Drive

Google Drive is a file storage service developed by Google. It helps us to keep photos, stories, designs, drawings, recordings, videos, and more. Your files in Google Drive can be reached from any platform.

Pricing: Your first 15 GB of storage are free with a Google Account. After this free quota, you will have to pay $1.8 (130 INR) per month for the next 100 GB and $8.99 (650 INR) per month for 1 TB.

2. One Drive

OneDrive is a file hosting service and synchronization service operated by Microsoft as part of its suite of Office Online services. Stay productive when you’re off the grid. You can access your files offline too, which means you can always have your most important stuff along with you.

Pricing: Your first 5 GB of storage will be free with the One Drive Basic plan. After the free quota, you will have to pay $1.7 (123 INR) per month for 50 GB, $4.98 (360 INR) per month for 1 TB, and $6.36 (460 INR) per month for 5 TB.

3. DropBox

Dropbox is a file hosting service operated by American company Dropbox, Inc., headquartered in San Francisco, California, that offers cloud storage, file synchronization, personal cloud, and client software. Dropbox brings your files together, in one place. They’re easy to find and safely synced across all your devices so you can access them anytime, anywhere. No more wasting the day tracking down work.

It also provides Dropbox Paper, it is your team’s place to bring ideas to life. Brainstorm, collect inspiration, share rough drafts. Paper can hold everything from video and images to code and sound.

Pricing: Dropbox comes with 2 GB of free storage (which can be increased up to 16GB free of charge by linking your Dropbox to social media and referring friends to join the service). After this free quota, you will have to pay $9.99 per month for 1 TB, and $19.99 per month for 2 TB.

4. iCloud

iCloud is a cloud storage and cloud computing service from Apple Inc. Previously it was known as Apple MobileMe, and its job was to sync email, contacts, calendars, bookmarks, notes, reminders (to-do lists), iWork documents, photos, and other data.

The one and only drawback of iCloud is that it only works for Apple users.

Pricing: Along with some storage, there are paid plans such as 50 GB of storage for $0.99 per month, 200 GB for $2.99 per month and 1 TB of storage for $9.99 per month.

5. Box

Box, Inc. is a cloud content management and file sharing service for businesses. With Box, all of your documents, images, videos and more are stored securely in the cloud, so everyone in your organization can easily access, edit, share, and comment on work from any device. Box protects all of your content with advanced security controls, encryption key management, and complete information governance.

Pricing: Box comes with 10 GB of free storage. After the free quota, you will have to pay $5.67 per month for 100 GB and $16.05 per month for unlimited storage with a 5 GB file upload limit.

6. MEGA

Mega is a cloud storage and file hosting service offered by Mega Limited, a New Zealand-based company. The service is offered primarily through web-based apps. Mega is known for its security feature where all files are end-to-end encrypted locally before they are uploaded.

Pricing: Free account users receive 15 GB of free storage, and paid account users are offered 200 GB, 1 TB, 2 TB, 4 TB and 8 TB storage plans.

7. Amazon Drive 

Amazon Drive, formerly known as Amazon Cloud Drive, is a cloud storage application managed by Amazon. Access your content from nearly any device. Free mobile apps for iOS and Android let you quickly view, organize, and share things when you need to, no matter where you are.

Pricing: 5 GB of free storage comes with Amazon Prime membership. Other plans include 100 GB of storage for $11.99 per year and 1 TB of storage for $59.99 per year.

8. MediaFire

MediaFire is a file hosting, file synchronization, and cloud storage service based in Shenandoah, Texas, United States. MediaFire comes with unlimited bandwidth and no download limit, and also with the One-Time link, which can’t be shared further from a 2nd party to a 3rd party; this makes MediaFire better suited to sensitive personal and official content.

Pricing: MediaFire comes with 15 GB of free storage (which can be extended to 50 GB with some perks), and there is also a pro plan which comes with 1 TB of storage for $3.75 per month and 100 TB for $40 per month.

9. IDrive

IDrive Inc. is a technology company that specializes in data backup applications.

Pricing: It comes with 5 GB of free storage and up to 2 TB of storage for $52.12 per year

10. Ubuntu One

Ubuntu One is an OpenID-based single sign-on service operated by Canonical Ltd. to allow users to log onto many Canonical-owned Web sites. Until April 2014, Ubuntu One was also a file hosting service and music store that allowed users to store data “in the cloud”.

The service enabled users to store files online and sync them between computers and mobile devices, as well as stream audio and music from the cloud to mobile devices.

Pricing: It comes at a rate of $0.01 for 1 GB.
