Fileless malware is going mainstream, as financially motivated criminal hackers mimic their nation-sponsored counterparts, Kaspersky Lab reported Wednesday.
Two years ago, researchers at the lab discovered their corporate network was infected with malware that resided solely in the memory of the compromised computers, a feat that allowed the infection to remain undetected for six months or more. Kaspersky eventually unearthed evidence that Duqu 2.0, as the never-before-seen malware was dubbed, was derived from Stuxnet.
According to the lab, networks belonging to at least 140 banks and other enterprises have been infected by malware that relies on a fileless, in-memory design to remain nearly invisible. Because infections are so hard to spot, the actual number is likely much higher.