Fileless Malware

[819b6ca 0]

Hello,

I am an eset customer (ESET Internet Security V 11.1.42.0) and was reading an older e-mail from Emsisoft regarding "fileless malware."  I had not heard of it and so was working to get up to speed.  While doing so, I wondered what, if anything, eset has to say about this, and if my EIS was up to the task.  I did a forum search and found only one existing topic that even remotely addressed this issue, so that's why I'm posting.

Thanks for whatever feedback.

Regards.

[khairulaizat92 9]

Well, as per mention in this forum;

https://forum.eset.com/topic/13067-does-eset-block-file-less-malware/

Another thing is, this so called file less attacks have a behaviour like previous old virus which i didnt remember its name, when it infect the PC (even though it do install it self on the pc before inject legitimate software by modifying it code to include part of the virus it self). 

I have seen it once by chance, and yeah eset does protect you from it. But again, just like malware, there are still fileless malware that cannot be detect.

However, by using properly HIPS rules, you can set a rules to protect the targeted system files. Even though im not expert enough to advice which or the example of rules you can set in order to prevent this. For Example you did not use powershell, then set the rules on the hips to block any access to powershell. 

However, usually it being used on large company to gain certain profit or for espionage mission. So i dont think regular user will be impacted by this. Unless you are a company user with a lot of sensitive information which cyber criminals or certain country want, you might want to use only your company pc, within you company network that have been firewalled properly and monitored for suspicious activity.