New Malware Threat Hides In Your Registry

It seems a new malware threat emerges practically every day, but most threats have a lot in common. They gain access to your device in a similar fashion and are fixed or bypassed in a similar fashion. A new threat reported on the Symantec blog, however, is unique. Unlike other malware, Trojan.Poweliks doesn’t exist as a file on an infected machine. Instead, this particular form of malware hides in the computer’s registry.

Trojan.Poweliks still infects computers the way most other forms of malware do. Users are commonly infected through spam emails, malicious links and exploit kits. Users have reported seeing emails claiming to alert them about a missed package delivery. Opening the email and downloading the attachment leaves them infected.

Once a machine is infected, the trojan disguises itself as a registry subkey. That means most users will never be able to find it.

While it’s hidden, the malware receives commands remotely from the attacker and can take all sorts of nasty actions to cripple your computer and monitor your activity.

Staying safe from these types of threats requires both intelligent web use and having proper security tools in place. An updated antivirus tool will catch many of these threats, but if you’re among the first users infected, your antivirus won’t be able to recognize the latest form of malware. That’s why your first line of defense has to be avoiding the places where these threats are commonly found. Don’t download suspicious email attachments or follow links sent to your email. These practices will help keep you out of harm’s way.

If you’d like to improve the security on any of your devices, or need help getting rid of malware that’s infected your machine, call Geek Rescue at 918-369-4335.

November 3rd, 2014