A dropper is a small helper program that facilitates the delivery and installation of malware.
Spammers and other bad actors use droppers to circumvent the signatures that anti-virus programs use to block or quarantine malicious code. It's much easier to change the dropper, should its signature become recognized, than it would be to rewrite the malicious codebase.
Droppers, like many of their larger Trojan horse counterparts, can be persistent or non-persistent. Non-persistent droppers install malware and then automatically remove themselves. Persistent droppers copy themselves to a hidden file and stay there until they complete the task they were created for.
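
As an added example (not part of the original page), the sketch below shows how a defender might tell the two behaviours apart in process and file telemetry. The event schema, the paths and the `classify_droppers` function are assumptions constructed for illustration, not the format of any real logging product.

```python
from collections import defaultdict

EXEC_SUFFIXES = (".exe", ".scr", ".dll")

# Constructed telemetry, in time order. Field names and paths are assumptions
# made for this example only.
SETUP = "C:/Users/u/Downloads/free_tool_setup.exe"
VIEWER = "C:/Users/u/Downloads/invoice_viewer.exe"
TEMP = "C:/Users/u/AppData/Local/Temp/"
EVENTS = [
    {"image": SETUP, "action": "file_write", "target": TEMP + "p1.exe"},
    {"image": SETUP, "action": "process_start", "target": TEMP + "p1.exe"},
    {"image": "C:/Windows/System32/cmd.exe", "action": "file_delete", "target": SETUP},
    {"image": VIEWER, "action": "file_copy", "source": VIEWER,
     "target": "C:/ProgramData/cache.exe", "hidden": True},
    {"image": VIEWER, "action": "file_write", "target": TEMP + "p2.exe"},
    {"image": VIEWER, "action": "process_start", "target": TEMP + "p2.exe"},
    {"image": "C:/Windows/notepad.exe", "action": "file_write", "target": "C:/Users/u/notes.txt"},
]

def classify_droppers(events):
    """Label each program that wrote an executable to disk and then ran it."""
    written = defaultdict(set)  # image -> executables it wrote
    launched = set()            # images that ran a file they had written
    self_copied = set()         # images copied to a hidden file
    self_deleted = set()        # images deleted after launching a payload
    for ev in events:
        image, action, target = ev["image"], ev["action"], ev["target"]
        if action == "file_write" and target.lower().endswith(EXEC_SUFFIXES):
            written[image].add(target)
        elif action == "process_start" and target in written[image]:
            launched.add(image)
        elif action == "file_copy" and ev.get("source") == image and ev.get("hidden"):
            self_copied.add(image)
        elif action == "file_delete" and target in launched:
            self_deleted.add(target)
    labels = {}
    for image in launched:
        if image in self_copied:
            labels[image] = "persistent"
        elif image in self_deleted:
            labels[image] = "non-persistent"
        else:
            labels[image] = "drop-and-run"
    return labels

if __name__ == "__main__":
    print(classify_droppers(EVENTS))
```

A legitimate installer that writes and runs a helper executable would be labelled `drop-and-run`, so treat that label as a lead for triage rather than a verdict.
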
Droppers can be spread in many ways, including by:
- Opening an infected email attachment.
- Picking up a drive-by download on an infected website.
- Clicking a malicious link on a website or in an email.
- Using an infected flash drive.
Sometimes droppers are bundled with free utility programs (such as ad blockers) to avoid detection. When the free program executes, the dropper will first download and install malware before it unpacks and installs the legitimate utility.