Potential Threat For Windows Might Inject Malicious Code To Various Processes

Potential Threat For Windows Might Inject Malicious Code To Various Processes
"<a href="https://www.flickr.com/photos/yusamoilov/15462325023/">Virus</a>" (<a href="https://creativecommons.org/licenses/by/2.0/">CC BY 2.0</a>) by <a href="https://www.flickr.com/people/yusamoilov/"> </a><a href="https://www.flickr.com/people/yusamoilov/">Yu. Samoilov</a><a href="http://www.imagecodr.org/"> </a>

Online threats are becoming more and more sophisticated, as it seems. Now there is a new threat that involves malicious code and no detection from antivirus software. As it turns out, security experts have found out that there is malware available that goes without detection.

Such malware can be catastrophic to devices, without the users being able to prevent it. There is an innovative technique that allows malware to inject the malicious code in other processes and run its course. In this way, the malware will be successful and the results for Windows user will be disastrous.

Windows users face AtomBombing threat

The new threat has taken the name AtomBombing. The security experts have chosen this name, because of the Windows atom tables. This is a mechanism that the malware uses, so as to attack the system from within. Tal Liberman from Ensilo has written a blog post about this new threat and he quotes:

ADW Capital’s 2020 letter: Long CDON, the future Amazon of the Nordics

Investing Greenhaven Road CapitalADW Capital Partners was up 119.2% for 2020, compared to a 13.77% gain for the S&P 500, an 11.17% increase for the Russell 2000, and an 8.62% return for the Russell 2000 Value Index. The fund reports an annualized return of 24.63% since its inception in 2005. Q4 2020 hedge fund letters, conferences and more Read More

“The underlying Windows mechanism which AtomBombing exploits is called atom tables. These tables are provided by the operating system to allow applications to store and access data. These atom tables can also be used to share data between applications. What we found is that a threat actor can write malicious code into an atom table and force a legitimate program to retrieve the malicious code from the table. We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code.”

Antivirus and other security solutions are not able to detect the new malware, which makes things frustrating. There is no way for these solutions to track down the threat and prevent the damage from happening.

It is also worth noting that the malware injection might take a lot of forms and lead to various results. For instance, it might lead to the leakage of snapshots from your computer or to the copy of login credentials to all your accounts. The possibilities are limitless.

Tal Liberman and other security experts cannot stress enough the importance of proper security patterns. All Windows users (and computer users altogether) should apply the necessary safety measures that diminish all threats deriving from malware. Without weak spots, it is much more difficult for new threats to take place.

So it is best to prevent than cure, as everyone agrees on. Be sure to incorporate all the requirements that strengthen the security level of your computer. In the meantime, antivirus and other security solutions will do their part.

No posts to display