Fileless attacks replacing traditional file-based cyber attacks, surges to 432% in 2017: McAfee
Gadgets Now Bureau | Jul 27, 2018, 05.10PM IST
Fileless attack is the new tactic deployed by cybercriminals to invade systems and breach computer networks. This is revealed by a new research from cyber security provider, McAfee Labs.
Fileless attacks are the ones that leverage trusted Windows executable to attack systems. This type of attack takes advantages of the trust factor between security software and genuine Windows applications.
According to the research, this trend is concerning as the threat actors do not install any software on a user’s computer, making it extremely hard to detect the attack. As the attack is launched through reputable, trusted executable, traditional white list based detection systems fails drastically. This technique is targeting both individual customers as well the corporate users.
The McAfee research highlighted growth of one particular fileless threat, CactusTorch, which can execute custom shellcode on Windows systems. Also, several variants of the threat have been detected, hinting at the significant rate of actors adopting the technique.
According to the Ponemon Institute's "The State of Endpoint Security Risk Report," report estimates that fileless attacks are ten times more likely to succeed than file-based attacks.
The growth of the ‘fileless’ threat category was also evidenced in McAfee’s recent Q2 Threat report. The report discovered many fileless malware campaigns that were launched to leverage Microsoft PowerShell to create a backdoor into a system. This surged to over 432% in 2017.
Fileless attacks are the ones that leverage trusted Windows executable to attack systems. This type of attack takes advantages of the trust factor between security software and genuine Windows applications.
According to the research, this trend is concerning as the threat actors do not install any software on a user’s computer, making it extremely hard to detect the attack. As the attack is launched through reputable, trusted executable, traditional white list based detection systems fails drastically. This technique is targeting both individual customers as well the corporate users.
The McAfee research highlighted growth of one particular fileless threat, CactusTorch, which can execute custom shellcode on Windows systems. Also, several variants of the threat have been detected, hinting at the significant rate of actors adopting the technique.
According to the Ponemon Institute's "The State of Endpoint Security Risk Report," report estimates that fileless attacks are ten times more likely to succeed than file-based attacks.
The growth of the ‘fileless’ threat category was also evidenced in McAfee’s recent Q2 Threat report. The report discovered many fileless malware campaigns that were launched to leverage Microsoft PowerShell to create a backdoor into a system. This surged to over 432% in 2017.
Subscribe and get the
top tech news of the day
Delivered to your mailbox
All Comments (0)+^ Back to Top
Refrain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks, name calling or inciting hatred against any community. Help us delete comments that do not follow these guidelines by marking them offensive. Let's work together to keep the conversation civil.
HIDE