Adventures in the Underland: Uncommon Hacker’s Persistency Methods and Countermeasures

Tech 1 (718A) October 5, 2022 10:15 am - 11:15 am Feedback     

Bookmark and Share

Paula Januszkiewicz

Persistence is one of the main aspects that hackers pay special attention to during the malware development and during the attack phase. The goal is very simple: to be as stealth as possible. Usually, attackers aim to maintain the presence in the target’s network by installing malware on various workstations and servers. However, the main challenge for them is that the malicious code needs to be available also after reboot, so the best solution would be to put it in a place that is not discovered by the vast majority of the monitoring tools. Sneaky, right? And when this persistency goes on sale, the problems begin, and ransomware comes to action. Since there are so many places on Windows to stay stealth and to hide even from well-known monitoring tools, it would be great to become familiar with at least some of them, especially the uncommon ones!