POWELIKS is malware that can infect your computer without installation


Malware is a file that resides on a computer and either damages the system or steals important information from it. Such files can be hidden in any file type, and when the user clicks on that file, an installer runs on the target system and installs the malware onto it.

Most of the malware that affects systems comes from the internet, generally through file downloads and e-mails. Our anti-virus program (if installed) protects us from most of these malware files, but new malware is created every minute, so it becomes really hard for the antivirus companies to detect all these files and ready an update for them.


To add to this problem, a new persistent malware threat has come into existence. This malware, called POWELIKS, takes a very different approach to stealing data and identity from target systems. It does not use any installer to install malware files on the target system, but instead uses a technique that is used by Microsoft to protect its confidential data and source code.


In this technique the malware creates a Windows registry entry with a non-ASCII key. A non-ASCII key is not readable by the Registry Editor programs on Windows, which makes it difficult for anti-virus programs to detect such a threat. Since there is no installer involved in the infection process, detection becomes even more difficult, because the main criterion an anti-virus uses for detecting a threat is based on installer files.
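
As an added example (not from the original article or from any vendor tool), the Python below scans registry data exported in `.reg` text form for key or value names containing characters outside printable ASCII, the trait described above. The sample export, the key paths in it and the function names are constructed for illustration, and it assumes the export tool actually emits the name.

```python
import re

# Constructed sample in `.reg` export layout (not from a real infection).
# One value name and one key name contain characters outside printable ASCII.
SAMPLE_REG = (
    'Windows Registry Editor Version 5.00\r\n\r\n'
    '[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]\r\n'
    '@="placeholder default"\r\n'
    '"ExampleApp"="\\"C:\\\\Example\\\\app.exe\\""\r\n'
    '"\u00e4upd"="placeholder data"\r\n\r\n'
    '[HKEY_CURRENT_USER\\Software\\Ex\u0001ample]\r\n'
    '"Name"=dword:00000001\r\n'
)

KEY_RE = re.compile(r'^\[-?(.+)\]$')             # [HKEY_...\Sub\Key]
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=')  # "name"=..., with \" and \\ escapes

def is_suspicious(name):
    """True if any character falls outside printable ASCII (0x20-0x7E)."""
    return any(not 0x20 <= ord(ch) <= 0x7E for ch in name)

def scan_reg_export(text):
    """Return (kind, key_path, name) for every key or value name that
    contains a character outside printable ASCII."""
    findings, current_key = [], None
    # Split on '\n' only: str.splitlines() would also break on Unicode
    # separators that could sit inside a hostile name.
    for line in text.split('\n'):
        line = line.rstrip('\r')
        key = KEY_RE.match(line)
        if key:
            current_key = key.group(1)
            for part in current_key.split('\\'):
                if is_suspicious(part):
                    findings.append(('key', current_key, part))
            continue
        value = VALUE_RE.match(line)
        if value and current_key is not None:
            name = re.sub(r'\\(.)', r'\1', value.group(1))  # undo escapes
            if is_suspicious(name):
                findings.append(('value', current_key, name))
    return findings

if __name__ == '__main__':
    for kind, key_path, name in scan_reg_export(SAMPLE_REG):
        print(f'{kind:5} {key_path}  name={name!r}')
```

A real `reg export` file is UTF-16 encoded, so read it with `open(path, encoding='utf-16')` before passing the text in.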

The malware uses a step-by-step procedure to run its malicious code on the target system, which means it is not active at all times. It runs at regular intervals, and during this process its tasks may vary from sending your personal information to some remote server to stealing other data. Here's a possible list of tasks that this malware can perform:

  • Install other malware
  • Download payloads over the internet
  • Install trojans to steal your banking data, or your login data and passwords
  • Be used in ad fraud to generate more revenue
  • Install spyware on your system to spy on you

This malware is said to be spread through Microsoft Word documents sent by e-mail. Many Microsoft services, including Microsoft Office, are said to be infected with this malware. The authors of the malware have allegedly sent out fake e-mail attachments, purporting to come from Canada Post and/or USPS, which hold the tracking information.

Beware of any e-mail from an unknown source on the internet that contains an attachment. It is in your best interest not to open or download such an attachment on your computer, to keep your valuable data safe.

Read more about malware protection and some useful information here.
