14 DAY TRIAL // Fileless malware currently follows an increasingly worrying trend for individuals and business because anti-malware protection lacks the tools needed to detect it as reported by Malwarebytes Labs' Under the Radar report.
This new type of under-the-radar malware has lately been observed more and more in the wild by security researchers who also detected surging levels of sophistication being exhibited after each sighting.
Fileless malware is now part of highly complex attacks designed to avoid being detected and to maintain persistence with the help of anti-forensic and propagation techniques spotted in sophisticated nation-state level attacks.
Moreover, fileless-based attacks are frequently encountered during campaigns targeted against businesses and have seen high rates of success because of common anti-malware software solution's lack of tools for spotting this type of malware.
Malwarebytes Labs added that "Those traditional security solutions, deployed at almost every business in the connected world, are simply not built to detect and remove malware that resides in memory rather than on the disk."
Because of this expanding gap in protection, fileless-based attacks, compromises, and resulting data theft have seen massive growth reaching a share of 35% out of the total of attacks during 2018.
Fileless attacks ten times more likely to succeed when compared to file-based campaigns
Furthermore, given the lack of proper protection against fileless security breaches, they are at least ten times more likely to be successful when compared to "old school" file-based attacks.
Unfortunately, the security industry is in most cases very slow in responding to newly emerging malware strains that adopt novel obfuscation and detection avoidance techniques, failing to put in place adequate defense measures in a timely fashion.
"Not all is bad news in security, though, as we do have a lot going for us as in technological developments and innovations in modern features," according to Malwarebytes.
For example, behavioral detection, blocking at delivery, and self-defense modes implemented in anti-malware solutions currently being developed are effective in combating future malware strains that will make use of Artificial Intelligence, continually evolving fileless and “invisible” malware, and businesses becoming the primary target.