Every time an antivirus software detects and quarantine a new malware, it’s like a success for the developers, company and end users. Though the companies always strive to upgrade their Antivirus to cope with the advanced threats, it seems the malware writers are having an edge these days.
Today, I would like to talk about a new ‘Invisible malware’ which is impossible to catch by the currently available security software. This malware is so advanced that sometimes it resides only in the memory which means there’s no suspicious file on your disk to be scanned by the antivirus software.
How ‘Invisible Malware’ Works?
Besides only residing in the memory, sometimes the invisible malware also found in the BIOS (Basic Input/Output System) and can affect your system without being tracked by any malware protection software.
Not only this, the malware is even capable of disguising users as it’s a firmware update and ultimately replaces their existing firmware update, making it extremely difficult to revert the changes.
“This ‘fileless malware’ that operates stealthily inside your system memory can only be removed by forcibly shutting down your computer,” said Alissa Knight of cybersecurity department, Aite Group.
Blue Pill Malware and More
When your system is affected with such malware, it’s known as a ‘Blue Pill malware‘, which is a virtual rootkit that automatically loads itself into the virtual machine and after that, the operating system is loaded into the virtual machine. This also enables it to fake a shutdown and restart while letting the malware keep running. It also restricts you to use the shutdown choice in Microsoft Windows 10.
As you might know, the rootkit always loads before the OS and thus creates a wonderful way for the malware. The Antivirus runs on the operating system and which is itself loading after the malware. Thus, it’s not possible for Antivirus software to detect such malware.
It’s not like companies are not taking any action against these dangerous threats, but the thing is they will protect us in the future, what about today?
Intel has partnered Lockheed Martin to work on a new series of processors capable of preventing such malware attacks. These processors are called “Intel Select Solution for Hardened Security,” which basically separates all the critical resources so that they can’t be infected by malware. They are also planning to take some major steps to lock down the BIOS and avoid attacks.
However, if companies want to avoid such attacks in the current time, they need to shift their critical resources to the cloud.