CynbersecurityCybersecurity firm discovers mutant computer viruses

Published 27 February 2012

Cybersecurity firm BitDefender recently announced that it had uncovered multiple instances of computer viruses infecting other viruses to create “Frankenware”

Cybersecurity firm BitDefender recently announcedthat it had uncovered multiple instances of computer viruses infecting other viruses to create “Frankenware.”

MSNBC’s The RedTape Chronicle reports that the accidental progeny of two viruses could be more dangerous, unpredictable, and harder to defend against than the originals. With so many viruses floating around cyberspace, writer of malicious code are careful to defend infected computers against other cyberattacks with their own antivirus programs to preserve the original code.

According to Catalin Cosoi, the head of the Online Threats Lab at BitDefender, sometimes infected machines are successfully infected again by another virus.

As with evolution, these things happen accidentally,” Cosoi told RedTape. “The combination doesn’t usually work, but sometimes it does.”

Frakenware is generally a rare phenomenon. Of the 10 million pieces of malicious software that BitDefender examined, the firm found 40,000 examples of mutant viruses.

Hybrid viruses are more likely to emerge if the two pieces of malicious software have complementary features. For instance, if one virus is a keylogger while the other is designed to be a worm that disseminates itself quickly.

The results are often unpredictable, but Cosoi said these mutated viruses are often easier to detect than their ancestors. He explained that antivirus software uses “signature” definitions, bits of computer code that signal a virus, to identify malicious code and Frankenware has “twice the chance” of being spotted.

On the down side, Cosoi did say, that because the mutated virus is often a different size from its parents, so antivirus software may overlook it.

John Harrison, a product manager at Symantec, told RedTape that his firm has yet to uncover any Frankenware like BitDefender, but did mention that once a computer is found to have a vulnerability hackers storm the gates, flooding it with malware.

We’ve seen computers with twenty-five different pieces of malware on them, even more,” Harrison said. “They are often stealthy. … By the time the user notices the PC has slowed down or there’s a blue screen, it could be the 100th piece of malware.” 

Cosoi was careful to note that there was no serious danger. So far none of the 40,000 discovered examples of mutated viruses were more dangerous than their ancestors. Furthermore, given the competitive nature of viruses and the desire to maintain control over a hard-won infected computer, creators of malicious code actively work to avoid instances of Frankenware.