Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Memory-resident malware is a type of malware that inserts itself into a computer or device in a particular way, loading its own program into permanent memory. This causes unique problems for security systems and professionals trying to maintain the integrity of a system and its security tools.
Memory-resident malware is also known as an ephemeral infection.
One problem is that memory-resident malware typically does not leave traces on a disk in the way that non-resident programs do. The data transfers related to non-resident malware attacks are clearer and easier to detect, because of the forensic data left behind during operations. Because memory-resident malware do not leave these telltale signs, they are harder to clean.
Additionally, memory-resident malware does not have to be executed, meaning that it can run continually in the background and infect parts of a system based on user events. Tactics like disk imaging and on-access scanning can be effective in removing memory-resident malware. In some cases, rebooting a system can help. Some antivirus programs are also made to be effective against memory-resident malware.
Another feature of memory-resident malware programs is that they tend to block their own removal. Programs resident in RAM enjoy some protections that make it more difficult to remove these types of malware. In general, memory-resident malware is a big concern to security professionals and an issue for modern anti-virus and anti-malware programs.