2017
DOI: 10.1016/s1353-4858(17)30037-5

Fileless attacks: compromising targets without malware

Cited by 34 publications (17 citation statements)
References 0 publications
“…Twitoor [99] is an Android backdoor and botnet which imitates an MMS app and accepts commands via tweets. The evolution of malware into its innumerous avatars has now recently reached the fileless malware approach, also known as Advanced Volatile Threats (AVTs) [100,101]. AVTs execute their malicious activities in the volatile main memory and are able to escape anti-analysis techniques as the infection traces are available only in memory during their execution.…”
Section: Botnet (mentioning)
confidence: 99%
“…AVTs execute their malicious activities in the volatile main memory and are able to escape anti-analysis techniques as the infection traces are available only in memory during their execution. It tricks common tools like PowerShell, Windows Management Instrumentation, command prompt, .NET framework, Remote Desktop Protocol (RDP) into attack vectors [56,100,101,102].…”
Section: Botnet (mentioning)
confidence: 99%
“…In contrast to all prior existence of malware, fileless malware requires no file to operate; it purely resides in memory and takes advantage of existing system tools, e.g. PowerShell [62].…”
Section: Fileless Malware (mentioning)
confidence: 99%
“…Another way to take advantage of the DNS RDATA field is in the case of fileless malware. This type of malware is a stealthy variant of malicious software where the binary of the malware exists solely in volatile computer memory, such as RAM or the system's registry, and does not leave any trace of activity on the hard disk [17]. This way, fileless malware is resistant to the existing anti-virus strategies.…”
Section: Fileless Malware (mentioning)
confidence: 99%