Fileless malware is a recent type of malware that tries to evade detection by deleting all copies of its files from disk and residing only in a process running in memory. Fileless attacks can go even further by leveraging a software exploit to get themselves into memory without dropping any file at all. Unfortunately, cyber criminals have combined the stealthy nature of fileless malware with ransomware. Today’s video talks about Sorebrect, a new fileless ransomware sample that encrypts your files without leaving a file of its own on your computer. Watch below for the details, and check out the Reference section for more information.
Episode Runtime: 4:18
Direct YouTube Link: https://www.youtube.com/watch?v=rhzk10uxYHg
- Researchers' post on Sorebrect – Trend Micro
- Fileless ransomware with code injection – The Hacker News
- Decent paper on fileless attacks [PDF] – Kaspersky
- OpenStego steganography program – OpenStego.com