In-Memory Malware Hitting Banks Across The Globe
Residing almost entirely in memory, these new attacks are much harder to combat
An article review.
Our friend Wes Pollard at Home Bank turned us on to this story from Ars Technica about a rash of new malware attacks with a new twist: they reside almost entirely in a computer’s memory.
Traditional attacks have installed themselves on computer hard drives like any other program, meaning anti-virus programs can locate and identify them during routine scans. These new attacks are so advanced that Kaspersky Labs itself only became aware of the new malware when their own corporate network became infected with it!
Adding another layer of complexity, this new malware uses existing system administration tools such as Powershell to inject themselves into a system’s memory, where they can more easily evade detection.
As of now it is not known how this new malwae initially enters a system. Kaspersky Labs has said that they will release a paper in April with more details about the new threat, but until then financial firms are advised to be on the lookout for anything unusual on their networks.
Original article by Dan Goodin writing for Ars Technica.