Reply to post: Since companies often don't have internal firewalls

Revealed: Malware that skulks in memory, invisibly collecting sysadmins' passwords

Anonymous Coward
Anonymous Coward

Since companies often don't have internal firewalls

Infecting one PC with memory resident malware would allow it to infect other PCs using any random remote exploit combined with an escalation of privileges once aboard the new target.

Then even rebooting won't fix anything, you'll be reinfected by one of the other infected PCs. Even after a patch Tuesday update everything will eventually be reinfected, since not every PC will be rebooted at the same time. Even if the hole being used is patched, or an AV software vendor developed detection for it, the malware could download updates to continue operation (masquerading as what looks like normal web queries to mask the activity)

It written well enough and properly maintained, it could essentially be immortal. What are you going to do, get everyone in the company to shut down every PC all at once? Yeah right!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021