Which virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions?

Fileless malware is designed to reside only in a computer's memory, without leaving any trace on the disk. This characteristic allows it to bypass traditional endpoint security measures that rely on scanning files stored on disk drives. By exploiting trusted applications such as PowerShell, which is a legitimate tool often used for script execution and automation, fileless malware can carry out harmful activities without triggering the typical alerts associated with malicious files.

Traditional security solutions typically monitor for known threats based on signatures or file behavior. Since fileless malware does not create files or traditional malicious signatures, it can easily evade detection, making it a particularly insidious threat to systems. Its capability to utilize the memory and trusted applications enables it to execute actions that can compromise the system without alerting security protocols that focus on file-based threats.