Code Caving

What is Code Caving?

Code Caving occurs when a hacker hides malware within a legitimate application. The hacker injects malicious code through a “code cave,” filling previously empty or unused space in an application.

How to Recognize This Threat: This appears to the user to be good software as it also fools many traditional security applications into whitelisting it. It takes a robust endpoint solution to detect its presence.

How to Prevent This Threat: Sophos Intercept X endpoint protection is built to detect unauthorized code cave content and stop it from causing any damage to your computer or network. Try it free before buying!