When Computer Viruses Infect Worms by Mistake


Mon, Jan 30th, 2012 11:00 by capnasty NEWS

Great read by Malware City's Loredana Botezatu on a new form of malware that has developed purely by accident: computer viruses infecting worms and successfully spreading by piggy-backing on the malware.

Ten years ago, there was a clear-cut distinction between Trojans, viruses and worms. They all had their own features specific to one family of malware only. As more people connected to the internet, cyber-criminals started mixing ingredients to maximize impact. And here I'm thinking Trojans with worm capabilities or viruses with Trojan features, and so on.

Now, another "practice" has silently emerged: the file infector that accidentally parasites another e-threat. A virus infects executable files; and a worm is an executable file. If the virus reaches a PC already compromised by a worm, the virus will infect the exe files on that PC - including the worm. When the worm spreads, it will carry the virus with it. Although this happens unintentionally, the combined features from both pieces of malware will inflict a lot more damage than the creators of either piece of malware intended.

Apparently though, says Catalin Cosoi, head of the Online Threats Lab at BitDefender "these things happen accidentally" and that their combination "doesn't usually work, but sometimes it does."

It helps if the two pieces of malicious software have complementary features, he said -- for example, if one is a keylogger while the other is designed with a wormlike ability to propagate quickly.The good news is that, generally, such hybrid viruses can be easier to detect than their parents, because antivirus software that uses "signature" definitions -- which identify malicious programs by looking for telltale lines of computer code -- have "twice the chance" to detect the troublemaker. On the other hand, some other virus detection tools might overlook the Frankenware because the new file will be a different size from its parents, Cosoi said.



You may also be interested in:

Why We Use [X] to Close Windows
Windchime: Adding a Musical Dimension to the Act of Composing Written Text
Moonjs: the Apollo Guidance Computer Simulated in Javascript
Optician Sans