Sat. Dec 14th, 2019

Newly discovered Mac malware uses “fileless” technique to remain stealthy

Source: https://arstechnica.com/?p=1629211

Newly discovered Mac malware uses “fileless” technique to remain stealthy

Enlarge (credit: iphonedigital)

Hackers believed to be working for the North Korean government have upped their game with a recently discovered Mac trojan that uses in-memory execution to remain stealthy.

In-memory execution, also known as fileless infection, never writes anything to a computer hard drive. Instead, it loads malicious code directly into memory and executes it from there. The technique is an effective way to evade antivirus protection because there’s no file to be analyzed or flagged as suspicious.

In-memory infections were once the sole province of state-sponsored attackers. By 2017, more advanced financially motivated hackers had adopted the technique. It has become increasingly common since then.

Read 12 remaining paragraphs | Comments

Source: https://arstechnica.com/?p=1629211

Leave a Reply

Your email address will not be published. Required fields are marked *