A security researcher from Norway has discovered a new trick that can allow malware to persist on infected systems after reboots.
In infosec circles, the term for this is "persistence" and refers to a malware strain's ability to start right back up after a system reboot.
Oddvar Moe, a Norwegian blogger and Windows security specialist, has recently discovered a new and somewhat clever way of abusing the Windows Registry to trick Windows into running a malware's process after a boot-up.
Moe's new method only works on Windows 10, and only with apps developed for the Universal Windows Platform, a new Windows runtime system that Microsoft launched back in 2015.
In an interview with ZDNet, Moe said the technique should work with any UWP apps, but it is only useful when used with UWP apps that Windows 10 runs automatically after boot-up --such as Cortana and the People app.