Potential Threat For Windows Might Inject Malicious Code To Various Processes

Potential Threat For Windows Might Inject Malicious Code To Various Processes
"Virus" (CC BY 2.0) by Yu. Samoilov

Online threats are becoming more and more sophisticated, as it seems. Now there is a new threat that involves malicious code and no detection from antivirus software. As it turns out, security experts have found out that there is malware available that goes without detection.

Play Quizzes 4

Such malware can be catastrophic to devices, without the users being able to prevent it. There is an innovative technique that allows malware to inject the malicious code in other processes and run its course. In this way, the malware will be successful and the results for Windows user will be disastrous.

Windows users face AtomBombing threat

The new threat has taken the name AtomBombing. The security experts have chosen this name, because of the Windows atom tables. This is a mechanism that the malware uses, so as to attack the system from within. Tal Liberman from Ensilo has written a blog post about this new threat and he quotes:

This Long/ Short Equity Firm Sees A Time-Arbitrage Opportunity In This Pest Control Merger

PestYost Partners was up 0.8% for the first quarter, while the Yost Focused Long Funds lost 5% net. The firm's benchmark, the MSCI World Index, declined by 5.2%. The funds' returns outperformed their benchmark due to their tilt toward value, high exposures to energy and financials and a bias toward quality. In his first-quarter letter Read More

“The underlying Windows mechanism which AtomBombing exploits is called atom tables. These tables are provided by the operating system to allow applications to store and access data. These atom tables can also be used to share data between applications. What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table. We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code.”

Antivirus and other security solutions are not able to detect the new malware, which makes things frustrating. There is no way for these solutions to track down the threat and prevent the damage from happening.

It is also worth noting that the malware injection might take a lot of forms and lead to various results. For instance, it might lead to the leakage of snapshots from your computer or to the copy of login credentials to all your accounts. The possibilities are limitless.

Tal Liberman and other security experts cannot stress enough the importance of proper security patterns. All Windows users (and computer users altogether) should apply the necessary safety measures that diminish all threats deriving from malware. Without weak spots, it is much more difficult for new threats to take place.

So it is best to prevent than cure, as everyone agrees on. Be sure to incorporate all the requirements that strengthen the security level of your computer. In the meantime, antivirus and other security solutions will do their part.

Updated on

No posts to display


Comments are closed.