A new type of malware is attacking firewalls, and unfortunately it’s incredibly difficult to see and catch. This “invisible malware,” as it’s being called, lodges itself in hard-to-find places within your computer: sometimes only in its memory, sometimes within the Basic Input/Output System (BIOS), or as a firmware update that disguises itself as your existing software. Each version of the malware is incredibly difficult to find, as it hides in places that endpoint protection cannot scan.
It was only a matter of time until such “invisible malware” made its way onto the watch lists of security analysts. After all, with the coverage and accuracy of Endpoint Detection and Response software increasing, malware creators and hackers needed to find a way into computers without being detected. During the first few months of 2018 alone, cybersecurity experts found that there was a 94% rise in attacks using invisible malware.
As previously stated, invisible malware may first attack a range of places within a computer. Wherever it detects a vulnerability, it attaches itself and then continues to spread rather quickly.
As the name implies, it has no identity and leaves little trace, or none at all. Other types of malware act in specific, identifiable ways, making them simple for heuristic scanners to find. Invisible malware, however, does not have a behavior pattern. Instead, it uses regular processes and approved applications to infect and attack the computer. In many cases, invisible malware is also paired with other types of malware.
Blue Pill Malware
Accompanying invisible malware may be what the industry calls “Blue Pill malware.” This is a virtual rootkit that settles into a virtual machine, which in turn transforms the operating system to support itself. Such a transformation makes it nearly impossible for antivirus software to detect the malware, since it is hiding in, and essentially controlling, the computer’s operating system.
Protection and Security
Invisible malware infects your computer in many of the same ways regular malware might. For example, clicking on a banner ad and being led to a malicious site may be all it takes to be infected.
Email links also continue to be a favorite mode of delivery for malware writers. PDF files from unknown senders should be accessed warily. Downloading a PDF file may allow antivirus software to trace and catch the malware, but opening it without downloading it opens a secret door into your computer for malware to slip through.
Cyber security experts claim that the most effective means of stopping invisible malware from taking root is rebooting the computer. Since this type of malware lives in a computer’s RAM, which holds data only while the machine is running, rebooting should effectively remove any trace of the malware. However, experts also warn that a hacker may still be able to use scripts that would allow them to restart the computer and continue running the malware.
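One way a defender can look for the memory-resident case described above is to list running processes whose program image does not exist as a file that a scanner could open. This is an added example, not from the original article; it assumes a Linux host with a `/proc` filesystem, and the function names and sample process entries are constructed for illustration.

```python
import os


def find_memory_only_processes(proc_root="/proc"):
    """Return [(pid, exe_target)] for processes with no on-disk executable.

    On Linux, /proc/<pid>/exe is a symbolic link to the program image.
    The kernel shows "/memfd:<name> (deleted)" for an image created purely
    in memory, and appends " (deleted)" when the file was removed after
    the program started.
    """
    findings = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():      # only numeric entries are processes
            continue
        try:
            target = os.readlink(os.path.join(proc_root, entry, "exe"))
        except OSError:              # kernel thread, exited, or no permission
            continue
        if target.startswith("/memfd:") or target.endswith(" (deleted)"):
            findings.append((int(entry), target))
    return sorted(findings)


def build_sample_proc(root):
    """Constructed sample data: a fake /proc tree with three processes."""
    samples = {
        "101": "/usr/sbin/sshd",            # normal, file-backed program
        "202": "/memfd:payload (deleted)",  # image that exists only in memory
        "303": "/tmp/updater (deleted)",    # file removed after launch
    }
    for pid, target in samples.items():
        os.makedirs(os.path.join(root, pid))
        os.symlink(target, os.path.join(root, pid, "exe"))
    os.makedirs(os.path.join(root, "self"))  # non-numeric entry, skipped
    return root


if __name__ == "__main__":
    # Scan the live system; run as root to see other users' processes.
    for pid, target in find_memory_only_processes():
        print(f"pid {pid}: executable not on disk -> {target}")
```

A " (deleted)" result also appears for legitimate programs whose binary was replaced by a software update while they were running, so each hit is a lead to investigate rather than a verdict.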
In general, following safe and cautious practices is still the most effective way to stop cyber security attacks, including those caused by invisible malware. Make sure your antivirus protection stays up to date, and be wary of banner ads and email links.