Skip to main content

Home Fileless malware

Fileless malware

Fileless malware definition

Fileless malware is malicious software that works without planting an actual file on the device. It doesn’t use the device’s ROM and is written directly into RAM, so it leaves no trace. This makes it very difficult for traditional antivirus software to detect and remove it. Fileless malware is commonly distributed through infected websites. Cybercriminals can use JavaScript to feed malicious commands to the device they want to target.

Fileless malware examples

In 1989, a virus called The Dark Avenger was discovered that operated solely in the computer’s memory, although it had to be delivered as a file. It infected executable files whenever the user ran or copied them. It’s one of the first known examples of fileless malware.

In 2017, cryptocurrency malware WannaMine was discovered infecting servers in large corporations. It penetrated systems through the unpatched SMB protocol and executed code to mine Monero cryptocurrency.

Stopping fileless malware

  • Always keep your software and OS updated.
  • Beware of phishing emails and sketchy websites.
  • Use NordVPN’s Threat Protection feature to scan your downloaded files for malware.