• Home M Malicious Process Migration

Malicious Process Migration

What is a Malicious Process Migration?

Malicious Process Migration involves a hacker moving malware from one compromised process to another. This allows the hacker to better avoid detection and maintain a connection with the infected computer even when the browser session is ended by the user. It is a fairly common practice in hacking to attempt to gain more privileges or establish a more permanent hold on a device.

How to Recognize This Threat: If a hacker is active on a user’s computer, then there may be increased processor activity. A malicious migration typically uses DLL exploits, which some scans may pick up.

How to Prevent This Threat: Sophos Intercept X endpoint protection is designed to detect and terminate these attacks. The software will also alert network admins that such an attack has occurred, and generate a root cause analysis to further investigate the incident.