Rakshasa

By GoldSparrow in Malware

Do you believe that an incurable, undetectable malware infection can exist? It seems that malware researchers have developed one that may fit the bill as a proof of concept. Named after the Hindu demon Rakshasa, this malware infection is the result of an experiment by malware researcher Jonathan Brossard. The results are alarming: it seems that Rakshasa may be nearly impossible to remove from an infected machine!

Why Rakshasa Uses Backdoor Trojans

Rakshasa attempts to establish a permanent backdoor into the infected computer. This backdoor is nearly impossible to detect and even more difficult to remove. Before delving into what Rakshasa actually is, we first need to understand the concept of a 'backdoor.' Backdoor Trojans and other malware infections make an opening in the infected computer's security, which makes it possible to install malware, steal data or spy on the infected computer. Much like a real-life back door allows a burglar to enter an unguarded building, a malware backdoor allows criminals to gain unauthorized access to a computer.

How Rakshasa Attacks a Computer

The most dangerous kinds of malware attacks, known as rootkits, corrupt the infected computer's BIOS. The BIOS starts up the computer's operating system and initializes other parts of the computer. Rakshasa attacks the infected computer's BIOS, but it also exploits a basic aspect of how computers are built: peripheral devices can write to a computer's RAM as well as to memory allocated to other peripherals connected to that computer. Unfortunately, Rakshasa uses this feature of computer architecture to infect all peripherals connected to the targeted computer. That means that if one component of the infected computer is disinfected, Rakshasa will simply reinfect it from another infected peripheral.

The Implications of Rakshasa

To disinfect a computer infected with Rakshasa, you would need to disinfect all connected peripherals simultaneously, which would be expensive and time-consuming. In fact, recovering from Rakshasa would usually be more expensive than buying a new computer, making removal of Rakshasa impractical. The implications of Rakshasa are catastrophic. Because the components in a computer could come from a number of different sources, it is entirely possible for malware similar to Rakshasa to be introduced at any point in the process. For now, Rakshasa is entirely theoretical, although it definitely presents a worrying possibility.
