When 'invisible malware' infects your PC, antivirus can't do anything
If you think your computer's antivirus is strong enough to deal with all sorts of malware and virus attacks, think again! Security researchers have warned about a new breed of malware, one that remains invisible, making it extremely hard for a targeted user to remove or even detect it. Here's what the 'invisible malware' is and how it works.
Typically, malware and other malicious programs rest on the PC in the form of an infected file. Such a file can be buried deep within several folders but still remains detectable by legacy antivirus packages. However, the 'invisible' kind plays it smart and resides either in memory or in the Basic Input Output System (BIOS), where it can't be detected by the AV software.
By sitting in places beyond the antivirus' reach, the malware can easily compromise your computer without being detected. In some cases, as PCMag reports, it can even show up as an infected firmware update, which, when downloaded, can replace the existing firmware with one designed to compromise your PC. And again, you won't be able to figure out the source of infection.
The malware works with the help of another malicious program called Blue Pill malware. Essentially, this malware is a virtual rootkit that boots before the OS, creating a virtual machine (VM) to keep the main malware undetected. Then, it loads the OS into the VM, which allows the malware to fake a shutdown and restart, and stay up and running all the time.
While the malware strain can be difficult to detect and weed out from an infected PC, senior analyst Alissa Knight, who warned about the invisible malware, says that a forced shutdown of the system can be the solution. Basically, this will pull the plug on the fake shutdown and restart process the malware had been using to expand its footprint on your PC.
As memory/BIOS-based attacks can prove really dangerous, Lockheed Martin and Intel are developing the Intel Select Solution for Hardened Security, a new line of processors to isolate and protect critical resources from malware attacks. Notably, Intel is also working on 'Hardware Shield' to lock down the BIOS.