Malware can be eliminated by adjusting your screen resolution, claimed by a new study. According to Forbes' previous report, a prevalent, notorious, and highly dangerous malware strain called "Trickbot" has burst onto the threat radar since 2016.
Also Read: WARNING: These 1,000 Phrases Can Incorrectly Activate Siri, Alexa, and Google Assistant: Privacy Intrusion Might Happen
Also Read: BEWARE: New Powerful Android Malware, FakeSpy, Targets Royal Mail UK and Various Postal and Delivery Service
Trickbot is a successor of Dyer, a banking Trojan of some repute, which has relentlessly evolved courtesy of it being modular. The report stated that Trickbot is considered the most prolific malware to benefit from COVID-19 campaigns during the ongoing global pandemic, which is most often linked with the Emotet spamming distribution system.
Ransomware attacks and credential theft can take place if the malware infection is successful, as well as leading to the installation of other remote access malware threats.
Trickbot can also ensure that no trace of itself is left behind by running the malware from the device's memory. However, the weakness of Trickbot was identified, despite the undoubted advanced nature of this malware, because of its ability to make detection harder; low screen resolution is the kryptonite to the favorite malware of many hackers.
According to Bleeping Computer's previous report, the latest Trickbot would check and observe the screen resolution to evade detection by threat researchers, which was first noticed by a security researcher by the name of Maciej Kotowicz. The malware process is done since security researchers usually track and analyze malware running within a virtual machine (VM), making use of a number of standard analysis tools by sandboxing the threat.
How screen resolution affects hacking activity?
According to Forbes, many malware determines if it is being executed inside a VM, a trick exploited by hackers to avoid detection. However, a new method was added by Trickbot to the malware toolbox; the favorite malware was detected looking for screen resolution of the device it is running on, as well as checking for various services and processes.
Trickbot will terminate itself if the device is running at a resolution of 1024x768 or lower (800x600). The report explained that security researchers usually use these resolutions for malware VMs. The malware is provided with other clues to the virtual environment by VM's higher resolutions, which is enabled by low screen resolutions, acting as installing software.
Today's #Trickbot loaders with a screen resolution #antivm trick, if you have 800x600 or 1024x768 resolution - you are safe! ;] cc @VK_Intel @James_inthe_box @JAMESWT_MHT @abuse_ch pic.twitter.com/mbGE5IwLH0 — mak (@maciekkotowicz) June 30, 2020
However, the report claimed that since people wouldn't want to use their device at such low resolutions day-to-day, the discovery is bad for security researchers and everyone else. However, there are also other ways on how to eliminate Trickbot without sacrificing your screen resolution.
"This latest development, which checks whether the malware is being analyzed via checking screen resolution, will make it even more difficult for security teams to detect and mitigate the effects of TrickBot," said a senior security researcher at DomainTools, Tarija Saleh.
"The best advice for employees is to exert extreme caution when downloading anything that seems suspicious in over to avoid malware exfiltration in the first place," he added.