Article | July 15, 2020

Evasive Scripts: What They Are, And What We're Doing About Them

Source: Webroot

By Justine Kurtz, Webroot

Industry 4.0 data network digital 450x300

“What’s an evasive attack? At a very basic level, it’s exactly what it sounds like; it’s a cyberattack that’s designed to hide from you,” says Grayson Milbourne, Security Intelligence Director at Webroot, an OpenText company.

Based on Grayson’s initial explanation, you can imagine that evasive tactics are pretty common throughout cybercriminal activities. But they’re especially prevalent in the context of scripts. Scripts are pieces of code that can automate processes on a computer system. They have tons of legitimate uses, but, when used maliciously, they can be extremely effective and difficult to detect or block.

With Grayson’s help, we’ll talk you through some of the common script evasion techniques that criminals use.

LolBins

Living off the Land Binaries (“LoLBins”) are applications that a Windows® system already has on it by default. Funny name aside, they’re extremely useful for attackers because they provide a way to carry out common steps of an attack without having to download anything new onto the target system. For example, criminals can use them to create persistency (i.e. enable the infection to continue operating after a reboot), spread throughout networked devices, bypass user access controls, and extracting passwords or other sensitive information.

VIEW THE ARTICLE!
Signing up provides unlimited access to:
Signing up provides unlimited access to:
  • Trend and Leadership Articles
  • Case Studies
  • Extensive Product Database
  • Premium Content
HELLO. PLEASE LOG IN. X

Not yet a member of VAR Insights? Register today.

ACCOUNT SIGN UP X
Please fill in your account details
Login Information
I'm interested in newsletter subscriptions.
ACCOUNT SIGN UP

Subscriptions

Sign up for the newsletter that brings you the industry's latest news, technologies, trends and products.