Indonesian Political, Business & Finance News

AI Malware Threatens Windows Devices, Can Evade Conventional Antivirus

Source: KOMPAS | Translated from Indonesian | Technology

Security threats to Windows 11-based devices are on the rise. A new AI-based malware has now emerged that is more sophisticated and harder for traditional antivirus software to detect.

A PCWorld report mentions AI-based malware such as “DeepLoad”. This malware uses fileless attack methods, meaning it does not rely on the suspicious files that antivirus software typically recognises.

The attack is carried out by tricking users into running commands that appear harmless in Command Prompt or PowerShell. From there, the infection begins unnoticed.

Once inside, the malware can deceive the system and communicate with the attacker’s server using built-in Windows tools. This malware can steal sensitive information from both ordinary users and corporate environments.

It evades detection because conventional antivirus security systems generally rely on detecting files or known patterns, while AI malware can adapt and dynamically change its code.

This situation shows that threats to operating systems, particularly Windows, are changing rapidly. Therefore, Microsoft must also release emergency updates to close various security gaps.

In mid-March, Microsoft released a security update for Windows 11, particularly the Enterprise versions such as 24H2, 25H2, and LTSC variants.

This update patches critical vulnerabilities in the Routing and Remote Access Service (RRAS) that attackers could exploit to run malicious code remotely.

In some cases, attackers only need to get the victim to connect to a compromised server to take over the system.

This security issue also extends to other applications. In the March Patch Tuesday update, Microsoft closed more than 80 security vulnerabilities, including those in Excel and other Office applications.

In fact, in certain scenarios, malicious code can be executed simply by opening the preview panel in Outlook.

To reduce risk, users are advised to install Windows updates immediately, avoid running arbitrary commands in PowerShell or Command Prompt, and be vigilant against suspicious instructions circulating on the internet or in emails.
