Advanced volatile threat

Advanced Volatile Threats (AVT) are an advanced kind of cyberattack where the malicious code does not need to reach its victim's hard drive in order to deliver its payload.[1]

Traditional antivirus solutions depend on the presence of a file on the hard drive. That particularity makes this attack more potent than the related advanced persistent threat.[2]

Term

The term Advanced Volatile Threats began being used publicly[3] following the release of a report by security firm Mandiant detailing the activity of APT1. The term "AVT" was coined by Triumfant CEO John Prisco.[4] Another example of this type of malware is CDorked.A, whose configuration data is held entirely in RAM and is never written to the hard drive.[5] Yet another example of this popular attack is the Hetzner case, when a popular hosting company was compromised using the same techniques.[6][7]

References

  1. http://www.usatoday.com/story/tech/2013/02/21/advanced-volatile-threat-malicious-software-pc-intrusions/1933975/
  2. "Archived copy". Archived from the original on 2013-05-01. Retrieved 2013-05-02.
  3. http://www.darkreading.com/vulnerability/move-over-apts-the-ram-based-advanced/240149192
  4. http://www.usatoday.com/story/tech/2013/02/21/advanced-volatile-threat-malicious-software-pc-intrusions/1933975
  5. http://www.usatoday.com/story/tech/2013/05/02/cybersecurity-advanced-malware-apache-webserver/2127627/
  6. http://www.heise.de/newsticker/meldung/Hetzner-gehackt-Kundendaten-kopiert-1884180.html
  7. Fabian Scherschel (7 June 2013). "Hetzner web hosting service hacked, customer data copied". The H.

http://www.csoonline.com/article/729258/advanced-volatile-threat-new-name-for-old-malware-technique-


This article is issued from Wikipedia - version of the 10/4/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.