• CameronDev
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 months ago

    Those all are things that require external human intervention though?

    If the malware is persistent, then one way or another it needs to leave an exploit on the device, it can either be a persistance exploit, or a privesc exploit.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      7 months ago

      Right so the issue here is we are saying for the class of malware that is not persistent restarting the device will take it out of memory. Which is a strict positive

      • CameronDev
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        Yup. Although i’m not sure there are many (any?) malwares that don’t have some form of persistence. Exploits requiring human intervention are usually just the first stage, and persistance is the second.

        I dont know of any APTs that are purely memory only, but if you know of one please link so I can read up on it.