Return of the parasitic: Putting the “virus” back in malware

In the beginning there was a scion of malware called “virus”. Now, this “virus” was initially very popular but over the years the creators started ignoring “virus”, shifting, instead, towards “virus”’s colleagues. Over the next few years the malware family consisted mainly of boring downloader Trojans, the occasional email worm and a plethora of network worms with IRC backdoor functionality. No doubt “virus” felt left out.

However, there has been a resurgence of parasitic viruses over the last six months or so. Examples include members of the Looked, Alman, Pardon and Virut families, to mention but a few. Some have even been polymorphic and midinfecting.

Parasitic viruses modify files so painstaking, non-trivial analysis and disinfection is generally required. And if the virus is written poorly, permanent damage to files may result during attempted infection.

If viruses are making a come back, we ought to beware and be prepared to get in there and sort it out.

Bring it on, I say!

Posted on May 2nd, 2007 by SKM, SophosLabs UK
Filed under: Uncategorized

Windows 7 security - A great leap forward or business as usual?

About SophosLabs

SophosLabs protects businesses from known and emerging malware - viruses, rootkits and spyware - and other computer threats like phishing, spam and scams. Learn more about the people who write this blog.

RSS feed

Hot video

International Kill-A-Zombie Day

SophosLabs blog