Though fileless malware has been around much longer, it only became a mainstream method of cyberattack in 2017. With fileless malware, cybercriminals are able to use legitimate tools and services, such as existing software, applications, and authorized protocols, to carry out malicious activities like unauthorized data retrieval or data damage.