Solved

Registry-infecting reboot-resisting malware has NO FILES

  • 4 August 2014
The Register has an article this morning about a new form of malware that maintains infection on machines and steals data without installing files. The malware is persistent even after reboot. The malware resides in the computer registry only, yet isn't visible using RegEdit. Anyway, is Webroot aware of this new malware and can Webroot protect against it?
 
The Register's article is here: http://www.theregister.co.uk/2014/08/04/registryinfecting_rebootresisting_malware_has_no_files/
 
Gdata Security Blog on it: https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-without-a-file.html
 
 

Best answer by nic 4 August 2014, 18:56

I did see that article and checked with our threat team. They said that we'd pick up the Word doc trying to modify the registry as a suspicious activity, preventing it from getting installed in the first place.
