There is a constant game of cat and mouse between malware writers and security analysts, and it seems that malware writers have the edge at the moment. A new breed of malware called “Invisible Malware” has been discovered that is impossible for currently used security software to catch.
How does Invisible Malware Work?
In some instances, invisible malware resides only in memory, leaving no trace behind and making it impossible for endpoint protection software to detect it.
In some other cases, it is found in the Basic Input/Output System (BIOS) from where it can infect your system without being detected.
Invisible Malware might also disguise itself as a firmware update and replace your existing firmware update with an infected update. In such a situation, it is difficult to detect and remove it.
According to Alissa Knight of the cybersecurity department at Aite Group, this “fileless malware” that operates stealthily inside your system memory can only be removed by forcibly shutting down your computer.
Blue Pill Malware – A Companion Of Invisible Malware
When such malware affects your system, it might arrive together with what is known as “Blue Pill malware,” a virtual rootkit that loads itself into a virtual machine, after which the operating system is loaded into the VM.
Virtual rootkits load before the operating system which, in turn, creates a virtual machine for the malware. This makes detection impossible for your antivirus, which is running on the operating system of your computer.
The Future Is Secure But What About the Present?
Computer manufacturers are taking concrete steps to prevent such stealth attacks. For example, Intel has partnered with Lockheed Martin to develop a new series of processors aimed at preventing malware attacks. These processors are called “Intel Select Solution for Hardened Security,” and they isolate critical resources to prevent them from being infected by malware.
Intel is also working on preventative measures dubbed “Hardware Shield” that lock down the BIOS to ward off attacks.
However, there is no means to prevent such attacks on present-day computers. As per Knight, if companies want to avoid such invisible malware, they need to shift their resources to the cloud.