{"id":28384,"date":"2022-06-24T10:08:37","date_gmt":"2022-06-24T10:08:37","guid":{"rendered":"https:\/\/easydmarc.com\/blog\/?p=28384"},"modified":"2023-08-03T10:49:17","modified_gmt":"2023-08-03T10:49:17","slug":"what-is-fileless-malware-and-how-to-protect-against-attacks","status":"publish","type":"post","link":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/","title":{"rendered":"What is Fileless Malware and How to Protect Against Attacks?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Cybercrime has always been a threat to businesses, especially those relying on infotech. Its global cost reached <\/span><a href=\"https:\/\/www.newindianexpress.com\/world\/2022\/may\/11\/global-cost-of-cybercrime-topped-usd-6-trillion-in-2021-defence-firm-2452371.html#:~:text=Global%20cost%20of%20cybercrime%20topped%20USD%206%20trillion%20in%202021%3A%20Defence%20firm,-%22One%20fifth%20of\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">$6 trillion in 2021<\/span><\/a><span style=\"font-weight: 400;\">, which is a scary statistic. Thus, corporate awareness about malware, phishing, scamming, etc., is a must.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So, in this blog post, we discuss one of the common <\/span><a href=\"https:\/\/easydmarc.com\/blog\/11-types-of-malware-and-how-to-recognize-them\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">types of malware<\/span><\/a><span style=\"font-weight: 400;\"> on the rise lately: <\/span><b>Fileless malware<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Before we get into it: <\/span><span style=\"font-weight: 400;\">What is malware<\/span><span style=\"font-weight: 400;\">? Malware is short for malicious software used to enter a system to steal or intercept crucial data.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Read on to learn about<\/span><b> fileless malware<\/b><span style=\"font-weight: 400;\"> types, examples, and ways to spot and prevent it.<\/span><\/p>\n<h2><b>What is Fileless Malware?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Fileless malware<\/span><span style=\"font-weight: 400;\"> is malicious software that doesn\u2019t require any file to infiltrate your system. This is atypical of other malware, like <\/span><a href=\"https:\/\/easydmarc.com\/blog\/what-is-virus-malware-and-how-does-it-work\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">viruses<\/span><\/a><span style=\"font-weight: 400;\">. Basically, attackers hide<\/span><b> fileless malware<\/b><span style=\"font-weight: 400;\"> within genuine programs to execute spiteful actions.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Generally, <\/span><b>fileless malware attacks<\/b><span style=\"font-weight: 400;\"> aim to make money or hamper a company\u2019s reputation. It\u2019s relatively difficult <\/span><b>to remove fileless malware<\/b><span style=\"font-weight: 400;\"> as it\u2019s memory-based, which means it doesn\u2019t have any signature like file-based malware such as <\/span><span style=\"font-weight: 400;\">adware<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h2><b>How Does Fileless Malware Work?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Now, let\u2019s look at <\/span><b>how fileless malware works<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/p>\n<p><b>Fileless malware<\/b><span style=\"font-weight: 400;\"> operates in the system&#8217;s memory without being stored in a file or installed on your device. Most hackers use Microsoft Windows PowerShell, a tool for automating tasks, to execute malicious actions.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Since it\u2019s not file-based but rather memory-based, <\/span><b>fileless malware<\/b><span style=\"font-weight: 400;\"> doesn\u2019t require a cybercriminal to load malicious code onto a victim\u2019s system. Instead, bad actors exploit vulnerabilities on native tools to execute commands, code sequences, etc. that run on memory.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This kind of malwareusually enters through a phishing email asking users to click or download a malicious link or attachment. It can also be injected or embedded directly into already-installed applications and other legitimate programs. This goes undetected by traditional security tools that typically scan files but not memory for anomalies indicating malware.&nbsp;<\/span><\/p>\n<h3><b>Stages<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Here are the four stages of a typical <\/span><b>fileless malware attack<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h4><b>Stage 1: Hackers Gain Remote Access<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Just like other <\/span><a href=\"https:\/\/easydmarc.com\/blog\/top-10-most-common-types-of-cyber-attacks\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">types of cyberattacks<\/span><\/a><span style=\"font-weight: 400;\">, a threat actor initiates a <\/span><b>fileless malware exploit <\/b><span style=\"font-weight: 400;\">by establishing a foothold in the victim&#8217;s system.<\/span><\/p>\n<h4><b>Stage 2: Obtaining Credentials<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">After gaining remote access, they try different tricks to steal credentials of the compromised environment. This helps them move freely in the system and use <\/span><b>fileless malware<\/b><span style=\"font-weight: 400;\"> to fulfill their objective.&nbsp;<\/span><\/p>\n<h4><b>Stage 3: Maintain Persistence<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Next, cyberactors modify the settings to create a backdoor to return to the environment without repeating the previous steps.&nbsp;<\/span><\/p>\n<h4><b>Stage 4: Data Exploitation and Escaping<\/b><\/h4>\n<p><span style=\"font-weight: 400;\">Lastly, attackers steal or intercept compressed data and prepare for exfiltration. They may even encrypt data to attempt a <\/span><a href=\"https:\/\/easydmarc.com\/blog\/ransomware-attacks-a-complete-guide\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">ransomware attack<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h3><b>Example of Fileless Malware<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Operation Cobalt Kitty is one of the most popular <\/span><b>fileless malware examples<\/b><span style=\"font-weight: 400;\">. In this, hackers targeted an Asian company to steal proprietary business information using phishing emails. They used PowerShell to hit more than 40 computers and networks to gain a foothold in the system.<\/span><\/p>\n<h2><b>What are the Types of Fileless Malware?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Threat actors are becoming more sophisticated and organized in planning and executing <\/span><b>fileless malware attacks<\/b><span style=\"font-weight: 400;\"> of various types. Here are some of them.<\/span><\/p>\n<h3><b>Exploit Kits<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Exploits are codes, commands, or data, that are collectively called exploit kits. Hackers use them to spot and exploit vulnerabilities in an operating system or software.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This is a common method to attempt <\/span><b>fileless malware attacks<\/b><span style=\"font-weight: 400;\"> as direct injection to the RAM (random access memory) is possible. Like with <\/span><a href=\"https:\/\/easydmarc.com\/blog\/what-is-a-computer-worm-and-how-does-it-work\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">computer worms<\/span><\/a><span style=\"font-weight: 400;\">, malicious actors can automate this process.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bad actors entice victims through <\/span><a href=\"https:\/\/easydmarc.com\/blog\/social-engineering-a-complete-guide\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">social engineering<\/span><\/a><span style=\"font-weight: 400;\"> or phishing emails containing malicious links or attachments. They then use exploit kits to scan and exploit vulnerabilities, often gaining total remote control over the victim\u2019s system.<\/span><\/p>\n<h3><b>Registry Resident Malware<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Registry resident malware self-installs in the Windows to stay active while remaining undetected. Usually, threat actors attack the Windows system through a dropper program that downloads corrupted files. However, in this case, the dropper itself writes malicious codes directly into the Windows registry.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">These spiteful codes are hidden in native files; hence it\u2019s challenging to<\/span> <a href=\"https:\/\/easydmarc.com\/blog\/how-to-detect-malware\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">detect malware<\/span><\/a><span style=\"font-weight: 400;\"> of such kind. This <\/span><b>fileless malware<\/b><span style=\"font-weight: 400;\"> can also get activated every time the Windows operating system launches.&nbsp;<\/span><\/p>\n<h3><b>Memory-Only Malware<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Memory-only malware stays in the device\u2019s memory space only. It persists even when a victim reboots the infected device because it can re-execute itself. Registry entries and background intelligent transfer service or BITS tasks are the common mechanisms used for this exercise. BITS is a component used for downloads and uploads between devices and remote servers without degrading the network quality.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One of the common memory-only <\/span><b>fileless malware examples <\/b><span style=\"font-weight: 400;\">is Duqu 2.0, which resides in the memory. It has two versions; one allows an attacker to get a beachhead position, and the second helps in reconnaissance, lateral movement, and data exfiltration.&nbsp;<\/span><\/p>\n<h3><b>Fileless Ransomware<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">These days <\/span><a href=\"https:\/\/easydmarc.com\/blog\/how-dangerous-is-hybrid-malware\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">hybrid malware<\/span><\/a> <span style=\"font-weight: 400;\">attacks are on the rise. One of the common combinations is <\/span><b>fileless malware<\/b><span style=\"font-weight: 400;\"> and ransomware, collectively called fileless ransomware. Hackers implant malicious codes in documents and inject them directly into the systems\u2019 memory using exploit kits.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Then they encrypt crucial data and demand ransom in exchange for the decryption key. Thus companies should know <\/span><b>how to prevent fileless malware attacks<\/b><span style=\"font-weight: 400;\"> and ransomware by regularly backing up crucial data.&nbsp;<\/span><\/p>\n<h3><b>Stolen Credentials<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">At times, threat actors use other malware, such as<\/span> <a href=\"https:\/\/easydmarc.com\/blog\/what-is-a-trojan-and-how-does-it-work\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">trojan viruses<\/span><\/a><span style=\"font-weight: 400;\">,<\/span><span style=\"font-weight: 400;\"> to steal user credentials and attack by disguising themselves as legitimate users. Once entered, they use native tools like Windows Management Instrumentation for <\/span><b>fileless malware analysis<\/b><span style=\"font-weight: 400;\">. Cybercriminals often hide codes in the registry or create user accounts to access the system without repeating the previous steps.<\/span><\/p>\n<h2><b>How to Spot Fileless Malware?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Now that you&#8217;re fairly aware of <\/span><b>how fileless malware works<\/b><span style=\"font-weight: 400;\">, it&#8217;s time to know how to spot it. It&#8217;ll also help to learn <\/span><b>how to remove fileless malware<\/b><span style=\"font-weight: 400;\"> in an infected system.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Since codes for <\/span><b>fileless malware attacks <\/b><span style=\"font-weight: 400;\">are never written in disks themselves, they can\u2019t be detected using the usual allowlisting and signature-based authentication protocols. They go unspotted by traditional antivirus software and machine-learning methods as well.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So, rely on indicators of attack instead of indicators of compromise. The indicators of attack or IOAs are signals of a <\/span><b>fileless malware attack<\/b><span style=\"font-weight: 400;\"> in progress. An IOA might not indicate an attack, but its combinations would.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">IOAs don\u2019t focus on the steps involved in compromising a system but rather observe signs of an attack in progress. <\/span><b>Fileless malware analysis<\/b><span style=\"font-weight: 400;\"> is done by examining the relation of the malicious action with other actions and its position in the series planned by the hacker.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">IOAs can even expose and avert ill-natured activities done using a genuine user account with stolen credentials.<br \/>\n<\/span><\/p>\n<h2><b>How to Prevent Fileless Malware?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Conscious steps taken to <\/span><a href=\"https:\/\/easydmarc.com\/blog\/how-to-prevent-malware-attacks-in-2022\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">prevent malware attacks<\/span><\/a> <span style=\"font-weight: 400;\">like <\/span><span style=\"font-weight: 400;\">malvertising<\/span><span style=\"font-weight: 400;\"> and <\/span><b>fileless malware <\/b><span style=\"font-weight: 400;\">can protect your database and brand image. Here are a few tips on <\/span><b>how to prevent fileless malware attacks<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h3><b>Managed Threat Hunting Services<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Threat hunting takes a lot of time and effort as you have to gather and standardize bulk data. Since it&#8217;s a 24\/7 drill, you can outsource it to agencies to monitor your systems proactively. It&#8217;ll work in addition to your traditional cybersecurity systems and ensure no malicious activity goes undetected.&nbsp;<\/span><\/p>\n<h3><b>Phishing Prevention<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The best thing you can do to <\/span><b>prevent fileless malware attacks<\/b><span style=\"font-weight: 400;\"> is to keep a watertight system. If you notice the following signs of phishing emails, don\u2019t open any attachments or click on any links.<\/span><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">An unfamiliar greeting from a person who regularly sends you emails.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Emails creating a sense of urgency with words like &#8216;immediately.&#8217;<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Unusual requests like asking for login credentials (even if they seem legitimate).&nbsp;<\/span><\/li>\n<\/ul>\n<h3><b>Education and Awareness Sessions for Employees<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Regular sessions educating employees about the practices to avoid <\/span><b>fileless malware<\/b><span style=\"font-weight: 400;\">, spyware, ransomware, etc., can go a long way. Most cyberattacks succeed due to employees&#8217; lack of awareness alone.&nbsp;<\/span><\/p>\n<h3><b>Updating Browsers and Software<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">You shouldn&#8217;t miss or ignore &#8216;update&#8217; notifications or pop-ups. Usually, the updated versions have better codes that can fight new tactics of breaking into a system. Older versions of programs and operating systems are more susceptible to malware.<\/span><\/p>\n<h2><b>Final Thoughts<\/b><\/h2>\n<p><b>Fileless malware<\/b><span style=\"font-weight: 400;\"> typically injects malicious codes into a system without using any files. This is generally done using phishing and social engineering tactics You should look for indicators of attack instead of compromise to detect such incidents.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Also, educate your employees to be careful while using the internet, especially with their email accounts. Ask them to avoid clicking any suspicious or unfamiliar links.<br \/>\n<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercrime has always been a threat to businesses, &#8230;<\/p>\n","protected":false},"author":1,"featured_media":33263,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[204,290,199,296],"tags":[],"class_list":["post-28384","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-cyberattacks-cyberthreats","category-cybersecurity","category-malware"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What is Fileless Malware | EasyDMARC<\/title>\n<meta name=\"description\" content=\"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Fileless Malware and How to Protect Against Attacks?\" \/>\n<meta property=\"og:description\" content=\"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"EasyDMARC\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/EasyDMARC\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-24T10:08:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-03T10:49:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1441\" \/>\n\t<meta property=\"og:image:height\" content=\"910\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"EasyDMARC\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:site\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"EasyDMARC\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/\"},\"author\":{\"name\":\"EasyDMARC\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/449261e9810b270cc697c7c9c5b89e97\"},\"headline\":\"What is Fileless Malware and How to Protect Against Attacks?\",\"datePublished\":\"2022-06-24T10:08:37+00:00\",\"dateModified\":\"2023-08-03T10:49:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/\"},\"wordCount\":1438,\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg\",\"articleSection\":[\"Blog\",\"Cyberattacks and Cyberthreats\",\"Cybersecurity\",\"Malware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/\",\"name\":\"What is Fileless Malware | EasyDMARC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg\",\"datePublished\":\"2022-06-24T10:08:37+00:00\",\"dateModified\":\"2023-08-03T10:49:17+00:00\",\"description\":\"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg\",\"contentUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg\",\"width\":1441,\"height\":910},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-fileless-malware-and-how-to-protect-against-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Cyberattacks and Cyberthreats\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Malware\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/malware\\\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"What is Fileless Malware and How to Protect Against Attacks?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/\",\"name\":\"EasyDMARC\",\"description\":\"Blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/#organization\",\"name\":\"EasyDMARC\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/img\\\/logo.png\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/EasyDMARC\\\/\",\"https:\\\/\\\/x.com\\\/easydmarc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/easydmarc\\\/mycompany\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/449261e9810b270cc697c7c9c5b89e97\",\"name\":\"EasyDMARC\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g\",\"caption\":\"EasyDMARC\"},\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/author\\\/easydmarc\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What is Fileless Malware | EasyDMARC","description":"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/","og_locale":"en_US","og_type":"article","og_title":"What is Fileless Malware and How to Protect Against Attacks?","og_description":"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.","og_url":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/","og_site_name":"EasyDMARC","article_publisher":"https:\/\/www.facebook.com\/EasyDMARC\/","article_published_time":"2022-06-24T10:08:37+00:00","article_modified_time":"2023-08-03T10:49:17+00:00","og_image":[{"width":1441,"height":910,"url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","type":"image\/jpeg"}],"author":"EasyDMARC","twitter_card":"summary_large_image","twitter_creator":"@easydmarc","twitter_site":"@easydmarc","twitter_misc":{"Written by":"EasyDMARC","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#article","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/"},"author":{"name":"EasyDMARC","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/449261e9810b270cc697c7c9c5b89e97"},"headline":"What is Fileless Malware and How to Protect Against Attacks?","datePublished":"2022-06-24T10:08:37+00:00","dateModified":"2023-08-03T10:49:17+00:00","mainEntityOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/"},"wordCount":1438,"publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","articleSection":["Blog","Cyberattacks and Cyberthreats","Cybersecurity","Malware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/","url":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/","name":"What is Fileless Malware | EasyDMARC","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#primaryimage"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","datePublished":"2022-06-24T10:08:37+00:00","dateModified":"2023-08-03T10:49:17+00:00","description":"Hackers use fileless malware to attack a system. They hide corrupt codes in genuine programs. Discover how to spot and prevent it here.","breadcrumb":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#primaryimage","url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","contentUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","width":1441,"height":910},{"@type":"BreadcrumbList","@id":"https:\/\/easydmarc.com\/blog\/what-is-fileless-malware-and-how-to-protect-against-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/easydmarc.com\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/"},{"@type":"ListItem","position":3,"name":"Cybersecurity","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/"},{"@type":"ListItem","position":4,"name":"Cyberattacks and Cyberthreats","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/"},{"@type":"ListItem","position":5,"name":"Malware","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/malware\/"},{"@type":"ListItem","position":6,"name":"What is Fileless Malware and How to Protect Against Attacks?"}]},{"@type":"WebSite","@id":"https:\/\/easydmarc.com\/blog\/#website","url":"https:\/\/easydmarc.com\/blog\/","name":"EasyDMARC","description":"Blog","publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/easydmarc.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/easydmarc.com\/#organization","name":"EasyDMARC","url":"https:\/\/easydmarc.com\/","logo":{"@type":"ImageObject","url":"https:\/\/easydmarc.com\/img\/logo.png"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/EasyDMARC\/","https:\/\/x.com\/easydmarc","https:\/\/www.linkedin.com\/company\/easydmarc\/mycompany\/"]},{"@type":"Person","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/449261e9810b270cc697c7c9c5b89e97","name":"EasyDMARC","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fcbf1ca829f8e0977fce524da20caa8a528368d0909ce48741526046e5113259?s=96&r=g","caption":"EasyDMARC"},"url":"https:\/\/easydmarc.com\/blog\/author\/easydmarc\/"}]}},"jetpack_featured_media_url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/06\/What-is-Fileless-Malware-and-How-to-Protect-Against-Attacks_-1.jpg","_links":{"self":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/28384","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/comments?post=28384"}],"version-history":[{"count":0,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/28384\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media\/33263"}],"wp:attachment":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media?parent=28384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/categories?post=28384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/tags?post=28384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}