Malware Strains Meld by Accident

Thursday, January 26, 2012 @ 04:01 PM gHale


Viruses are accidentally infecting worms on victims’ computers, creating super-powered strains of hybrid software disasters.

This strain of malware spreads quicker than before, and confounds systems and exposes private data in ways even the original virus writer could think of.

RELATED STORIES
Rail Hack: Govt. Works with Industry
Video Conferencing: An Easy Hack
Malware with Customer Support
Scanner Email Hides Malware

A study by antivirus company BitDefender found 40,000 samples in a study of 10 million infected files in early January, or 0.4 per cent of malware strains sampled. These files pose a greater risk to infected users than standard malware, the Romanian antivirus firm said.

“If you get one of these hybrids on your system, you could be facing financial troubles, computer problems, identity theft, and a wave of spam thrown in as a random bonus,” said Loredana Botezatu, the BitDefender analyst who conducted the study. “The advent of malware sandwiches throws a new twist into the world of malware. They spread more efficiently, and will become increasingly difficult to predict.”

BitDefender doesn’t have historical data, but it thinks it will grow at the same rate as regular computer viruses, or about 17 percent per year.

All of the malware hybrids analyzed by BitDefender ended up created accidentally. However, the risk posed by these combos could increase dramatically as crooks latch onto the idea of deliberately splicing malware strains together to see what sticks. This is on top of efforts by blackhat coders to add extra features to others’ viruses and unleash the updated builds onto the unsuspecting public.

BitDefender carried out its study after finding a sample of the Rimecud worm infected by the Virtob file infector. Rimecud originally came about to steal online passwords for e-banking or email accounts, among other functions. Virtob creates a hacker-controlled backdoor on infected systems.

“Imagine these two pieces of malware working together — willingly or not — on the same compromised system,” Botezatu said. “That PC faces a twofold malware with twice as many command and control servers to query for instructions; moreover, there are two backdoors open, two attack techniques active and various spreading methods put in place. Where one fails, the other succeeds.”



Leave a Reply

You must be logged in to post a comment.