• @RGB3x3
    link
    English
    67 months ago

    You can’t activate malware by restarting your system. There’s no reason why an attacker would wait for a restart to do what they want to do.

    What can happen is that restarting doesn’t help fix anything related to malware if the malware has been written to gain persistence. It’ll edit the registry so that it can run on startup, so restarting your system makes no difference.

    • @yildolw
      link
      English
      87 months ago

      They might be thinking of malware spread on floppy disk or a usb stick. A restarting computer with sus media inserted might have treated them as a boot device back in the day and run the executable code with higher privileges

    • @[email protected]
      link
      fedilink
      English
      47 months ago

      It would entirely depend on the design of the malware. If a malware author wanted to chronologically separate infection from detection, doing persistance and then not activating until next reboot wouldnt be unreasonable.

      For example, if a user visits a site, and 10 seconds later their PC gets cryptolockered, they can report the site. If they visit a site, and then a hundred others, and then 10 days later their PC reboots and gets cryptolockered, they will have no idea which site did it.