02-18-2017, 09:35
H4vC
How do you solve persistence in fileless malware though?
If you rely on some non-public exploits, ideally you want to run them the least amount of times possible to give reverse engineers the smallest feasible window into your exploits.
IIRC, Duqu infected high-uptime devices (servers / firewalls etc.) to reinfect the main target, and while with the advent of IoT devices there's more and more of those to bounce your infection vector off of, I still think that the persistent threat that standard malware offers is more suited for the non-corporate target, where you can't rely on the foothold that high-uptime devices give you.

Last edited by H4vC; 02-18-2017 at 09:45.