Power Shell is a powerful malware tool

PowerShell used as a tool in compound malware attacks is becoming more common, with 38% of all attacks seen by IT security vendor CarbonBlack and its partners involving the native Windows scripting language.

Its use is so common in enterprises for legitimate purposes that most security devices and personnel don’t regard it as a threat, says Ben Johnson, the chief security strategist at CarbonBlack.

That makes it all the more effective as a component of attacks. Its scripts can run in memory only so it never creates a file on disk, Johnson says. “It creates less noise on the system,” so it’s less likely to draw attention to itself, he adds.

To read this article in full or to leave a comment, please click here