Trend Micro has recently been encountering more hybridized malware files. These are conventional malware files (such as worms or Trojans) that have been infected themselves. Consequently, they display both sets of behaviors– those of the worm/Trojan and of the file infector.
One recent example of this type of attack involved an IRC bot detected as WORM_LAMIN.AC that was also infected by a mother file infector PE_VIRUX.AA-O.
It’s not clear if these kinds of malware were intentionally created or if they are the result of a highly infected user system. While some of these problems largely affect malware analysts (such as inaccurate detection names), the biggest issue for users is how it affects cleanup. An incomplete clean operation could lead to the creation of a damaged variant of the malware, which might allow them to evade detection by security software.
More: http://blog.trendmicro.com/hybridized-malware-spreading/
............................................................................................
Site Admin / Security Administrator
Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
One recent example of this type of attack involved an IRC bot detected as WORM_LAMIN.AC that was also infected by a mother file infector PE_VIRUX.AA-O.
It’s not clear if these kinds of malware were intentionally created or if they are the result of a highly infected user system. While some of these problems largely affect malware analysts (such as inaccurate detection names), the biggest issue for users is how it affects cleanup. An incomplete clean operation could lead to the creation of a damaged variant of the malware, which might allow them to evade detection by security software.
More: http://blog.trendmicro.com/hybridized-malware-spreading/
Site Admin / Security Administrator
Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.