What is a Hollow Process?
A Hollow Process Injection, also called Process Hollowing, refers to the code injection technique used by hackers to replace the executable section of legitimate process with malicious code. This disguises malicious code so that a legitimate process will execute it. The legitimate path remains the same, but the malware is hidden within.
How to Recognize This Threat: This threat is difficult to recognize without advanced IT expertise or specialized scanner software, as once the hollow process injection takes place, the malware is able to delete other remnants of itself on the system.
How to Prevent This Threat: Keeping malware off your network is the best solution to avoiding a hollow process injection. The safest way to do accomplish that level of protection is with a business-class firewall along with a security services subscription. Check out some of the top options available.