What Is a Polymorphic Virus

Posted by Mayank on July 6, 2012 in Security

A polymorphic virus is considered a jack-of-all-trades virus. It mutates over time or after every execution, changing the code used to deliver its payload. A polymorphic virus may guard itself with an encryption algorithm that automatically alters itself when certain conditions are met. This makes a polymorphic virus more difficult for ordinary antivirus software to identify.

To find polymorphic viruses effectively, antivirus software needs to be more robust, using complex algorithms to identify distinctive patterns that can betray the presence of a virus even when the code behind the virus is not known to the software. Such software tends to be more expensive, reflecting the additional effort required during development and updates to make the software functional.
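The following added example (not from the original post) contrasts ordinary exact-hash matching with a key-invariant pattern check, sometimes called X-ray scanning, over constructed, inert test samples. The marker string, the sample layout and all function names are assumptions made for illustration, and the check only covers a single-byte XOR encoding.

```python
import hashlib

# Constructed, inert stand-in for a virus body pattern (assumption, not real code).
MARKER = b"INERT-DEMO-PATTERN-0001"


def encode_variant(key: int) -> bytes:
    """Build a constructed test sample: the same body XOR-encoded with `key`."""
    body = b"HDR:" + MARKER + b":END"
    return bytes(b ^ key for b in body)


def hash_signature_match(sample: bytes, known_hashes: set) -> bool:
    """Ordinary detection: exact SHA-256 match against known samples."""
    return hashlib.sha256(sample).hexdigest() in known_hashes


def deltas(data: bytes) -> bytes:
    """XOR of adjacent bytes. (a^k) ^ (b^k) == a^b, so the key cancels out."""
    return bytes(a ^ b for a, b in zip(data, data[1:]))


def xray_scan(sample: bytes, marker: bytes = MARKER):
    """Return (offset, key) if `marker` is present under any one-byte XOR key."""
    pos = deltas(sample).find(deltas(marker))
    if pos < 0:
        return None
    # The delta match fixes every byte relative to the first, so one byte
    # of the sample is enough to recover the key.
    return pos, sample[pos] ^ marker[0]


if __name__ == "__main__":
    # Only the 0x21 variant has been seen before and hashed.
    known = {hashlib.sha256(encode_variant(0x21)).hexdigest()}
    for k in (0x21, 0x5A, 0xC3):
        v = encode_variant(k)
        print(hex(k), hash_signature_match(v, known), xray_scan(v))
    print(xray_scan(b"ordinary constructed file contents"))
```

The hash check recognises only the variant it has already seen, while the delta-based check finds the same pattern under every key and leaves the clean sample alone.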

The first known polymorphic virus was developed in 1990, in the early days of the Internet, which corroborates the fact that virus creators have always been ahead of the curve when it comes to developing malicious code. Essentially, the designers of polymorphic viruses have taken a trait associated with viruses that infect humans and built it into software designed to infect computers. Human viruses are infamous for being able to mutate rapidly to avoid detection and prevent the buildup of immunities, and when a computer virus has a similar trait, the results can be unpleasant for computer users. It can be difficult to mount an adequate defense against a polymorphic virus, even with excellent antivirus software that has been designed to detect such viruses.

Polymorphic viruses can operate in different ways. Some mutate with each infection, making the virus extremely difficult to track. Others change with each generation. The speed of mutation is also highly variable. Some viruses mutate more slowly, which can make it easier to catch them, while others change very quickly. All of these variations, as a whole, make polymorphic viruses very diverse, which adds to the challenge of pinning them down.

Infection with a polymorphic computer virus can be a serious problem. While all computer viruses are designed to remain undetected for as long as possible, so that they can exact the maximum damage and increase their chances of infecting other computers, a polymorphic virus can linger undetected even on a system with antivirus software in place. People may also be lulled into thinking that their system is clean because they have such software and they update it regularly.

